From 61b6ee27174c199dddbbe35a2ef8fe4ae8136e47 Mon Sep 17 00:00:00 2001
From: Philipp <gitlab@feyo.pw>
Date: Thu, 3 Jun 2021 00:47:01 +0000
Subject: [PATCH] Add required IPv6 ICMP types to iptables

---
 scripts/subinstallers/iptables.sh | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/scripts/subinstallers/iptables.sh b/scripts/subinstallers/iptables.sh
index ba7784e..bfd3dee 100755
--- a/scripts/subinstallers/iptables.sh
+++ b/scripts/subinstallers/iptables.sh
@@ -88,6 +88,15 @@ echo "Setting ip6tables rules"
 sudo ip6tables -P INPUT ACCEPT
 sudo ip6tables -I INPUT -i lo -j ACCEPT
 sudo ip6tables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
+# Allow as per RFC 4890
+sudo ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 1   -j ACCEPT
+sudo ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 2   -j ACCEPT
+sudo ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 3   -j ACCEPT
+sudo ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 4   -j ACCEPT
+sudo ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 133 -j ACCEPT
+sudo ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 134 -j ACCEPT
+sudo ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 135 -j ACCEPT
+sudo ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 136 -j ACCEPT
 sudo ip6tables -A INPUT -j MISTBORN_LOG_DROP
 
 sudo ip6tables -P INPUT DROP