add kmod for dm9000

[openwrt.git] / package / firewall / files / firewall.config

diff --git a/package/firewall/files/firewall.config b/package/firewall/files/firewall.config
index c7bc798..b47823f 100644 (file)
--- a/package/firewall/files/firewall.config
+++ b/package/firewall/files/firewall.config
@@ -48,27 +48,16 @@ config rule
        option src              wan
        option dest             *
        option proto            icmp
        option src              wan
        option dest             *
        option proto            icmp

-       list icmp_type          router-solicitation
-       list icmp_type          router-advertisement
-       list icmp_type          neighbour-solicitation
-       list icmp_type          neighbour-advertisement

        list icmp_type          echo-request
        list icmp_type          destination-unreachable
        list icmp_type          packet-too-big
        list icmp_type          time-exceeded
        list icmp_type          echo-request
        list icmp_type          destination-unreachable
        list icmp_type          packet-too-big
        list icmp_type          time-exceeded

+       list icmp_type          bad-header
+       list icmp_type          unknown-header-type

        option limit            1000/sec
        option family           ipv6
        option target           ACCEPT
 
        option limit            1000/sec
        option family           ipv6
        option target           ACCEPT
 

-# Drop leaking router advertisements on WAN
-config rule
-       option src              *
-       option dest             wan
-       option proto            icmp
-       option icmp_type        router-advertisement
-       option family           ipv6
-       option target           DROP
-

 # include a file with users custom iptables rules
 config include
        option path /etc/firewall.user
 # include a file with users custom iptables rules
 config include
        option path /etc/firewall.user