config: remove restictions on DHCPv6 allow rule

Remove restrictions on source and destination addresses, which aren't specified on RFC8415, and for some reason in openwrt are configured to allow both link-local and ULA addresses. As cleared out in issue #5066 there are some ISPs that use Gloabal Unicast addresses, so fix this rule to allow them. Fixes: #5066 Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
author: Tiago Gaspar 2022-05-04 09:36:07 +0000
committer: Jo-Philipp Wich 2022-05-04 13:22:53 +0000
commit: 72b196da6852673a12aa7fb5e251d90bc9a191d4 (patch)
tree: 65c8722441587785965f802745c3b2f5ef296d25
parent: f0cc3171690d3c0aa9e5e08128b8922d36c92add (diff)
download: firewall4-72b196da6852673a12aa7fb5e251d90bc9a191d4.tar.gz
1 files changed, 1 insertions, 3 deletions
diff --git a/root/etc/config/firewall b/root/etc/config/firewall
index f4a3322..b9a4647 100644
--- a/root/etc/config/firewall
+++ b/root/etc/config/firewall
@@ -54,13 +54,11 @@ config rule
 	option target		ACCEPT
 
 # Allow DHCPv6 replies
-# see https://dev.openwrt.org/ticket/10381
+# see https://github.com/openwrt/openwrt/issues/5066
 config rule
 	option name		Allow-DHCPv6
 	option src		wan
 	option proto		udp
-	option src_ip		fc00::/6
-	option dest_ip		fc00::/6
 	option dest_port	546
 	option family		ipv6
 	option target		ACCEPT
author	Tiago Gaspar	2022-05-04 09:36:07 +0000
committer	Jo-Philipp Wich	2022-05-04 13:22:53 +0000
commit	72b196da6852673a12aa7fb5e251d90bc9a191d4 (patch)
tree	65c8722441587785965f802745c3b2f5ef296d25
parent	f0cc3171690d3c0aa9e5e08128b8922d36c92add (diff)
download	firewall4-72b196da6852673a12aa7fb5e251d90bc9a191d4.tar.gz