firewall: allow DHCPv6 traffic to/from fc00::/6 instead of fe80::/10

There is no RFC requirement that DHCPv6 servers must reply with a link local
address and some ISP servers in the wild appear to using addresses in the ULA
range to send DHCPv6 offers.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47048

diff --git a/package/network/config/firewall/files/firewall.config b/package/network/config/firewall/files/firewall.config
index ba7e4ec0b3fe1cb3217dfff67796821ba5ee30d1..749dbecb974d9f8055d900f4790da72a96cb7f1e 100644 (file)
--- a/package/network/config/firewall/files/firewall.config
+++ b/package/network/config/firewall/files/firewall.config
@@ -59,8 +59,8 @@ config rule
        option name             Allow-DHCPv6
        option src              wan
        option proto            udp
-       option src_ip           fe80::/10
-       option dest_ip          fe80::/10
+       option src_ip           fc00::/6
+       option dest_ip          fc00::/6
        option dest_port        546
        option family           ipv6
        option target           ACCEPT