From 36118bfc4901b0978d2c8f17912fe91ec66f35e8 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 6 Aug 2013 14:21:04 +0200
Subject: conntrackd: helpers: add DHCPv6 helper

This patch adds support for the DHCPv6 helper.

1) nfct helper add dhcpv6 inet6 udp
2) ip6tables -I OUTPUT -t raw -p udp --sport 546 -j CT --helper dhcpv6
3) run conntrackd

You should see:

% conntrack -L exp -f ipv6
279 proto=17 src=:: dst=ff02::1:2 sport=0 dport=546 mask-src=:: mask-dst=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff sport=0 dport=65535 master-src=fe80::221:ccff:fe4a:7f9c master-dst=ff02::1:2 sport=546 dport=547 PERMANENT class=0 helper=dhcpv6

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 doc/helper/conntrackd.conf | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'doc')

diff --git a/doc/helper/conntrackd.conf b/doc/helper/conntrackd.conf
index 56f5162..358ad10 100644
--- a/doc/helper/conntrackd.conf
+++ b/doc/helper/conntrackd.conf
@@ -62,6 +62,14 @@ Helper {
 			ExpectTimeout 300
 		}
 	}
+	Type dhcpv6 inet6 udp {
+		QueueNum 4
+		QueueLen 10240
+		Policy dhcpv6 {
+			ExpectMax 1
+			ExpectTimeout 300
+		}
+	}
 }
 
 #
-- 
cgit v1.2.3