The current firewall policy allows all ICMPv6 except echo requests in on the local network. We could instead drop by default and only allow the types that are known to be required:
https://resources.sei.cmu.edu/tools/downloads/vulnerability-analysis/assets/IPv6/ip6tables_rules.txt
The current firewall policy allows all ICMPv6 except echo requests in on the local network. We could instead drop by default and only allow the types that are known to be required:
https://resources.sei.cmu.edu/tools/downloads/vulnerability-analysis/assets/IPv6/ip6tables_rules.txt