|
|
|
@ -240,7 +240,7 @@ mwan3_set_custom_ipset() |
|
|
|
|
|
|
|
mwan3_set_connected_iptables() |
|
|
|
{ |
|
|
|
local connected_network_v4 connected_network_v6 |
|
|
|
local connected_network_v4 connected_network_v6 source_network_v6 |
|
|
|
|
|
|
|
$IPS -! create mwan3_connected_v4 hash:net |
|
|
|
$IPS create mwan3_connected_v4_temp hash:net |
|
|
|
@ -272,6 +272,14 @@ mwan3_set_connected_iptables() |
|
|
|
$IPS -! add mwan3_connected mwan3_connected_v4 |
|
|
|
$IPS -! add mwan3_connected mwan3_connected_v6 |
|
|
|
|
|
|
|
$IPS -! create mwan3_source_v6 hash:net family inet6 |
|
|
|
$IPS create mwan3_source_v6_temp hash:net family inet6 |
|
|
|
for source_network_v6 in $($IP6 addr ls | sed -ne 's/ *inet6 \([^ \/]*\).* scope global.*/\1/p'); do |
|
|
|
$IPS -! add mwan3_source_v6_temp $source_network_v6 |
|
|
|
done |
|
|
|
$IPS swap mwan3_source_v6_temp mwan3_source_v6 |
|
|
|
$IPS destroy mwan3_source_v6_temp |
|
|
|
|
|
|
|
$IPS -! create mwan3_dynamic_v4 hash:net |
|
|
|
$IPS -! add mwan3_connected mwan3_dynamic_v4 |
|
|
|
|
|
|
|
@ -343,6 +351,12 @@ mwan3_set_general_iptables() |
|
|
|
-p ipv6-icmp \ |
|
|
|
-m icmp6 --icmpv6-type 137 \ |
|
|
|
-j RETURN |
|
|
|
# do not mangle outgoing echo request |
|
|
|
$IPT6 -A mwan3_hook \ |
|
|
|
-m set --match-set mwan3_source_v6 src \ |
|
|
|
-p ipv6-icmp -m icmp6 --icmpv6-type 128 \ |
|
|
|
-j RETURN |
|
|
|
|
|
|
|
fi |
|
|
|
$IPT -A mwan3_hook \ |
|
|
|
-j CONNMARK --restore-mark --nfmask $MMX_MASK --ctmask $MMX_MASK |
|
|
|
|
Aaron Goodman
4 years ago