luci-app-firewall: rules: allow ICMPv6 ND types

The "Match ICMP Type" dropdown had entries for router
solicitation & router advertisements, but not the more
generic neighbour solicitation & neighbour advertisements.

A LAN cannot function without Neighbour Discovery; this
means that setting a LAN interface default input policy to
REJECT breaks IPv6 WAN access for all hosts on that LAN;
as they can no longer discover their gateway's MAC address.
This can be fixed with appropriate rules allowing ND input,
which this patch allows one to do in LuCI.

The spelling is the same as in [1].

[1] <https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob;f=package/network/config/firewall/files/firewall.config>

Signed-off-by: Aaron Jones <aaronmdjones@gmail.com>

diff --git a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js
index 4252cf36914109828b9d8cfd21aff4e389e8da80..e0c858fc419d098434fba3751cc4b71ae43451ad 100644 (file)
--- a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js
+++ b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js
@@ -247,6 +247,8 @@ return L.view.extend({
                o.value('echo-request');
                o.value('router-advertisement');
                o.value('router-solicitation');
+               o.value('neighbour-advertisement');
+               o.value('neighbour-solicitation');
                o.value('time-exceeded');
                o.value('ttl-zero-during-transit');
                o.value('ttl-zero-during-reassembly');