From: Jo-Philipp Wich <jow@openwrt.org>
Date: Fri, 25 Sep 2015 08:41:12 +0000 (+0000)
Subject: firewall: allow DHCPv6 traffic to/from fc00::/6 instead of fe80::/10
X-Git-Tag: reboot~1909
X-Git-Url: http://git.ozo.com/?a=commitdiff_plain;ds=sidebyside;h=f30ccc899143f8752096c8797add417cd56e6559;p=lede-git%2F.git

firewall: allow DHCPv6 traffic to/from fc00::/6 instead of fe80::/10

There is no RFC requirement that DHCPv6 servers must reply with a link local
address and some ISP servers in the wild appear to using addresses in the ULA
range to send DHCPv6 offers.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 47048
---

diff --git a/package/network/config/firewall/files/firewall.config b/package/network/config/firewall/files/firewall.config
index ba7e4ec0b3..749dbecb97 100644
--- a/package/network/config/firewall/files/firewall.config
+++ b/package/network/config/firewall/files/firewall.config
@@ -59,8 +59,8 @@ config rule
 	option name		Allow-DHCPv6
 	option src		wan
 	option proto		udp
-	option src_ip		fe80::/10
-	option dest_ip		fe80::/10
+	option src_ip		fc00::/6
+	option dest_ip		fc00::/6
 	option dest_port	546
 	option family		ipv6
 	option target		ACCEPT