From b90260ae286290a212663dea62ef8e4e2d9055de Mon Sep 17 00:00:00 2001
From: Ludovic Poujol <lpoujol@evolix.fr>
Date: Fri, 15 Dec 2017 14:49:21 +0100
Subject: [PATCH] minifirewall: Make outgoing SSH in IPv6 works

---
 minifirewall/files/minifirewall.conf | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/minifirewall/files/minifirewall.conf b/minifirewall/files/minifirewall.conf
index a15f78b2..0158e4ca 100644
--- a/minifirewall/files/minifirewall.conf
+++ b/minifirewall/files/minifirewall.conf
@@ -77,7 +77,8 @@ NTPOK='0.0.0.0/0'
 # Example: allow SSH from Trusted IPv6 addresses
 /sbin/ip6tables -A INPUT -i $INT -p tcp --dport 22 -s 2a01:9500:37:129::/64 -j ACCEPT
 
-# Example: allow input HTTP/HTTPS/SMTP/DNS traffic
+# Example: allow outgoing SSH/HTTP/HTTPS/SMTP/DNS traffic 
+/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 22 --match state --state ESTABLISHED,RELATED -j ACCEPT
 /sbin/ip6tables -A INPUT -i $INT -p tcp --sport 80 --match state --state ESTABLISHED,RELATED -j ACCEPT
 /sbin/ip6tables -A INPUT -i $INT -p tcp --sport 443 --match state --state ESTABLISHED,RELATED -j ACCEPT
 /sbin/ip6tables -A INPUT -i $INT -p tcp --sport 25 --match state --state ESTABLISHED,RELATED -j ACCEPT