diff options
Diffstat (limited to 'global/overlay/etc/puppet/modules/sunet/manifests')
-rw-r--r-- | global/overlay/etc/puppet/modules/sunet/manifests/server.pp | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/global/overlay/etc/puppet/modules/sunet/manifests/server.pp b/global/overlay/etc/puppet/modules/sunet/manifests/server.pp index 9215c8f..c4622fa 100644 --- a/global/overlay/etc/puppet/modules/sunet/manifests/server.pp +++ b/global/overlay/etc/puppet/modules/sunet/manifests/server.pp @@ -6,4 +6,16 @@ define sunet::server() { # Add prerequisites for ethernet bonding, if physical server sunet::ethernet_bonding { 'sunet_ethernet_bonding': } + # Ignore IPv6 multicast + ufw::deny { 'ignore_v6_multicast': + ip => 'ff02::1', + proto => 'any' # 'ufw' has a hard-coded list of protocols, which does not include 'ipv6-icmp' :( + } + + # Ignore IPv6 multicast PIM router talk + ufw::deny { 'ignore_v6_multicast_PIM': + ip => 'ff02::d', + proto => 'any' # 'ufw' has a hard-coded list of protocols, which does not include 'ipv6-icmp' :( + } + } |