Hi,
On 02/05/2016 21:54:06 CEST, Baptiste Jonglez wrote:
On Mon, May 02, 2016 at 09:37:07PM +0200, Baptiste Jonglez wrote:
On Mon, May 02, 2016 at 08:17:48PM +0200, Vittorio Gambaletta (VittGam) wrote:
> Since drop_invalid has been turned on by default, ICMPv6 echo requests
> to well-known
On Mon, May 02, 2016 at 09:37:07PM +0200, Baptiste Jonglez wrote:
> On Mon, May 02, 2016 at 08:17:48PM +0200, Vittorio Gambaletta (VittGam) wrote:
> > Since drop_invalid has been turned on by default, ICMPv6 echo requests
> > to well-known multicast addresses, such as ff02::1, are not replied to
>
Hi Vittorio,
On Mon, May 02, 2016 at 08:17:48PM +0200, Vittorio Gambaletta (VittGam) wrote:
> Since drop_invalid has been turned on by default, ICMPv6 echo requests
> to well-known multicast addresses, such as ff02::1, are not replied to
> by the router anymore, because conntrack considers those
Since drop_invalid has been turned on by default, ICMPv6 echo requests
to well-known multicast addresses, such as ff02::1, are not replied to
by the router anymore, because conntrack considers those outgoing reply
packets to be invalid.
Fix this by not having the INVALID rule in the OUTPUT chain
