From 86ffdfc916fa94107982371a4c1b247f1511256b Mon Sep 17 00:00:00 2001
From: Tristan PILAT <tpilat@evolix.fr>
Date: Wed, 18 Nov 2020 18:01:09 +0100
Subject: [PATCH] Accept any ICMPv6 input traffic

---
 minifirewall-start.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/minifirewall-start.sh b/minifirewall-start.sh
index 42d743b..a05553b 100755
--- a/minifirewall-start.sh
+++ b/minifirewall-start.sh
@@ -165,6 +165,7 @@ $NFT add rule inet minifirewall minifirewall_input ct state invalid drop
 
 # ICMP and IGMP traffic is accepted
 $NFT add rule inet minifirewall minifirewall_input ip protocol icmp accept
+$NFT add rule inet minifirewall minifirewall_input meta l4proto ipv6-icmp accept
 $NFT add rule inet minifirewall minifirewall_input ip protocol igmp accept
 
 # New UDP traffic from blocked IPs jumps to the private_udp_ports chain