From ed4545914414a9de13b32102407b97417eb38f49 Mon Sep 17 00:00:00 2001
From: Ycarus <ycarus@zugaina.org>
Date: Sat, 14 Jul 2018 07:25:08 +0200
Subject: [PATCH] Accept ICMPv6 from LAN to router

---
 .../files/etc/uci-defaults/1980-omr-firewall      | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall b/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall
index 4a524dc8e..4267b2265 100755
--- a/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall
+++ b/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall
@@ -55,6 +55,21 @@ if [ "$(uci -q show firewall | grep Allow-Lan-to-Wan)" = "" ]; then
 		commit firewall
 	EOF
 fi
+
+if [ "$(uci -q show firewall | grep ICMPv6-Lan-to-OMR)" = "" ]; then
+	uci -q batch <<-EOF >/dev/null
+		add firewall rule
+		set firewall.@rule[-1].enabled='1'
+		set firewall.@rule[-1].target='ACCEPT'
+		set firewall.@rule[-1].name='ICMPv6-Lan-to-OMR'
+		set firewall.@rule[-1].src='lan'
+		set firewall.@rule[-1].family='ipv6'
+		set firewall.@rule[-1].proto='icmp'
+		set firewall.@rule[-1].limit='1000/sec'
+		set firewall.@rule[-1].icmp_type='echo-reply destination-unreachable echo-request router-advertisement router-solicitation time-exceeded'
+		commit firewall
+	EOF
+fi
 rm -f /tmp/luci-indexcache
 
 exit 0