"
I am trying to create a filter to allow packets with ipv6-frag protocol, but I was surprised to see it isn't possible without tinkering.
Looking around, the file /usr/local/etc/inc/filter.inc has this:
I have commented out that line and the new rule created by it works without issue.
Does anyone know why this has been added?
Looking around, the file /usr/local/etc/inc/filter.inc has this:
Code Select
/* IPv6 extension headers are skipped by the packet filter, we cannot police them */
$ipv6_ext = array('IPV6-ROUTE', 'IPV6-FRAG', 'IPV6-OPTS', 'IPV6-NONXT', 'MOBILITY-HEADER');I have commented out that line and the new rule created by it works without issue.
Does anyone know why this has been added?
