From ba12a45d8a2c2ad4ee090d57b0ddbc9148250130 Mon Sep 17 00:00:00 2001
From: Jeremy Dubois
Date: Thu, 27 Jan 2022 10:15:45 +0100
Subject: [PATCH] Revert "Apply policy of IPv4 to IPv6"

This reverts commit f52971a173af8295029dfaaadf0e241ab9e406e5 which was a mistake : theses rules match a return packet incoming on the server, not a new one.
---
 minifirewall.conf | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/minifirewall.conf b/minifirewall.conf
index 60851f9..7dc39c1 100644
--- minifirewall.conf
+++ minifirewall.conf
@@ -84,11 +84,11 @@ NTPOK='0.0.0.0/0'
 #####################
 
 # Example: allow input HTTP/HTTPS/SMTP/DNS traffic
-#/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 80 --match state --state ESTABLISHED,RELATED -j ACCEPT
-#/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 443 --match state --state ESTABLISHED,RELATED -j ACCEPT
-#/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 25 --match state --state ESTABLISHED,RELATED -j ACCEPT
-#/sbin/ip6tables -A INPUT -i $INT -p udp --sport 53 --match state --state ESTABLISHED,RELATED -j ACCEPT
-#/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 53 --match state --state ESTABLISHED,RELATED -j ACCEPT
+/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 80 --match state --state ESTABLISHED,RELATED -j ACCEPT
+/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 443 --match state --state ESTABLISHED,RELATED -j ACCEPT
+/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 25 --match state --state ESTABLISHED,RELATED -j ACCEPT
+/sbin/ip6tables -A INPUT -i $INT -p udp --sport 53 --match state --state ESTABLISHED,RELATED -j ACCEPT
+/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 53 --match state --state ESTABLISHED,RELATED -j ACCEPT
 
 # Example: allow output DNS, NTP and traceroute traffic
 /sbin/ip6tables -A OUTPUT -o $INT -p udp --dport 53 --match state --state NEW -j ACCEPT
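Review bot: The comment kept above the re-enabled INPUT rules, `# Example: allow input HTTP/HTTPS/SMTP/DNS traffic`, still reads as if they open inbound services, which is the misreading the commit message says led to the reverted change. These rules match on `--sport` with `--state ESTABLISHED,RELATED`, so they only admit replies to connections the host itself opened; I would reword the comment to something like `# Return traffic for outgoing HTTP/HTTPS/SMTP/DNS connections (replies only, not inbound services)`. A one-line caveat that the state match must stay would also help, since a bare `--sport 80 -j ACCEPT` would accept any packet whose sender picks that source port. The matching OUTPUT rules for ports 80/443/25 are outside the hunk, so I cannot tell whether they exist.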