Module Name: src
Committed By: sevan
Date: Sun Apr 7 02:08:08 UTC 2019
Modified Files:
src/etc/defaults: npf.boot.conf
Log Message:
Allow DHCP
Neighbour Advertisement should be allowed both ways, otherwise
ipv6nd_sendadvertisement() from dhcpcd logs "Network is unreachable"
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/etc/defaults/npf.boot.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/defaults/npf.boot.conf
diff -u src/etc/defaults/npf.boot.conf:1.1 src/etc/defaults/npf.boot.conf:1.2
--- src/etc/defaults/npf.boot.conf:1.1 Tue Apr 2 01:50:32 2019
+++ src/etc/defaults/npf.boot.conf Sun Apr 7 02:08:08 2019
@@ -1,4 +1,4 @@
-# $NetBSD: npf.boot.conf,v 1.1 2019/04/02 01:50:32 sevan Exp $
+# $NetBSD: npf.boot.conf,v 1.2 2019/04/07 02:08:08 sevan Exp $
#
# /etc/defaults/npf.boot.conf --
# initial configuration for npf(4)
@@ -25,11 +25,15 @@ pass stateful out to any port domain
# (the DHCP server can be down or not responding).
pass stateful out proto icmp icmp-type echo all
+# Allow DHCP
+pass out family inet4 proto udp from any port bootpc to any port bootps
+pass in family inet4 proto udp from any port bootps to any port bootpc
+
# Allow IPv6 router/neighbor solicitation and advertisement.
pass out family inet6 proto ipv6-icmp icmp-type rtsol all
pass in family inet6 proto ipv6-icmp icmp-type rtadv all
pass out family inet6 proto ipv6-icmp icmp-type neighsol all
-pass in family inet6 proto ipv6-icmp icmp-type neighadv all
+pass family inet6 proto ipv6-icmp icmp-type neighadv all
# Enable CARP, to avoid spurious failovers.
pass proto carp all
