From 15adcae3316b88b6ca7d7d9d530c6225af42351d Mon Sep 17 00:00:00 2001
From: ohrensessel <git@ohrensessel.net>
Date: Sun, 19 Oct 2014 16:02:30 +0200
Subject: [PATCH] Fix ebtables dhcpv6 rules

the ports were interchanged, see the following packet flow:

client:546 --> [ff02::1:2]:547
server:547 --> client:546

therefore we need to allow outgoing multicast packets with dst-port 547
and unicast packets from bat0 to clients with dst-port 546 and 547 in the other direction
---
 .../files/lib/gluon/ebtables/110-mcast-allow-dhcpv6       | 2 +-
 .../files/lib/gluon/ebtables/200-dir-dhcpv6               | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package/gluon-ebtables-filter-multicast/files/lib/gluon/ebtables/110-mcast-allow-dhcpv6 b/package/gluon-ebtables-filter-multicast/files/lib/gluon/ebtables/110-mcast-allow-dhcpv6
index d156de4f9..6d7f0f557 100644
--- a/package/gluon-ebtables-filter-multicast/files/lib/gluon/ebtables/110-mcast-allow-dhcpv6
+++ b/package/gluon-ebtables-filter-multicast/files/lib/gluon/ebtables/110-mcast-allow-dhcpv6
@@ -1 +1 @@
-rule 'MULTICAST_OUT -p IPv6 --ip6-protocol udp --ip6-destination-port 546 -j RETURN'
+rule 'MULTICAST_OUT -p IPv6 --ip6-protocol udp --ip6-destination-port 547 -j RETURN'
diff --git a/package/gluon-ebtables-filter-ra-dhcp/files/lib/gluon/ebtables/200-dir-dhcpv6 b/package/gluon-ebtables-filter-ra-dhcp/files/lib/gluon/ebtables/200-dir-dhcpv6
index d433cdde4..470a76489 100644
--- a/package/gluon-ebtables-filter-ra-dhcp/files/lib/gluon/ebtables/200-dir-dhcpv6
+++ b/package/gluon-ebtables-filter-ra-dhcp/files/lib/gluon/ebtables/200-dir-dhcpv6
@@ -1,5 +1,5 @@
-rule 'FORWARD -p IPv6 --ip6-protocol udp --ip6-destination-port 546 -j OUT_ONLY'
-rule 'OUTPUT -p IPv6 --ip6-protocol udp --ip6-destination-port 546 -j OUT_ONLY'
+rule 'FORWARD -p IPv6 --ip6-protocol udp --ip6-destination-port 547 -j OUT_ONLY'
+rule 'OUTPUT -p IPv6 --ip6-protocol udp --ip6-destination-port 547 -j OUT_ONLY'
 
-rule 'FORWARD -p IPv6 --ip6-protocol udp --ip6-destination-port 547 -j IN_ONLY'
-rule 'INPUT -p IPv6 --ip6-protocol udp --ip6-destination-port 547 -j IN_ONLY'
+rule 'FORWARD -p IPv6 --ip6-protocol udp --ip6-destination-port 546 -j IN_ONLY'
+rule 'INPUT -p IPv6 --ip6-protocol udp --ip6-destination-port 546 -j IN_ONLY'
-- 
GitLab