kvmhost02: add fix_ipv6 script

itguru.at.fwb

@@ -2451,7 +2451,7 @@
       <ServiceGroup id="id1599X5690" name="TagServices" comment="" ro="False"/>
     </ServiceGroup>
     <ObjectGroup id="id1600X5690" name="Firewalls" comment="" ro="False">
-      <Firewall id="id8899X28426" host_OS="linux24" inactive="False" lastCompiled="1586886801" lastInstalled="1586886814" lastModified="1586886795" platform="iptables" version="" name="kvmhost02" comment="# BEGIN INIT INFO&#10;Provides:          firewall&#10;Required-Start:    $all&#10;Required-Stop:&#10;Default-Start:     2 3 4 5&#10;Default-Stop:&#10;Short-Description: Run firewall if it exist&#10;# END INIT INFO" ro="False">
+      <Firewall id="id8899X28426" host_OS="linux24" inactive="False" lastCompiled="1586938365" lastInstalled="1586939314" lastModified="1586938361" platform="iptables" version="1.4.20" name="kvmhost02" comment="" ro="False">
         <NAT id="id13393X65696" name="NAT" comment="" ro="False" ipv4_rule_set="True" ipv6_rule_set="False" top_rule_set="True">
           <NATRule id="id13395X65696" disabled="False" group="outgoing NAT" position="0" action="Translate" comment="NAT all outgoing mail traffic to mail IP">
             <OSrc neg="False">
@@ -3933,7 +3933,7 @@
           <Option name="action_on_reject"/>
           <Option name="activationCmd"/>
           <Option name="add_mgmt_ssh_rule_when_stoped">False</Option>
-          <Option name="add_rules_for_ipv6_neighbor_discovery">False</Option>
+          <Option name="add_rules_for_ipv6_neighbor_discovery">True</Option>
           <Option name="admUser">madhu</Option>
           <Option name="altAddress">kvmhost02.itguru.at</Option>
           <Option name="bridging_fw">False</Option>
@@ -3949,7 +3949,7 @@
           <Option name="data_dir"/>
           <Option name="debug">False</Option>
           <Option name="drop_invalid">False</Option>
-          <Option name="epilog_script"/>
+          <Option name="epilog_script">/root/fix_ipv6</Option>
           <Option name="firewall_dir">/etc/firewall/</Option>
           <Option name="firewall_is_part_of_any_and_networks">True</Option>
           <Option name="flush_and_set_default_policy">True</Option>
@@ -3981,7 +3981,7 @@
           <Option name="linux24_path_lsmod"/>
           <Option name="linux24_path_modprobe"/>
           <Option name="linux24_path_vconfig"/>
-          <Option name="linux24_rp_filter"/>
+          <Option name="linux24_rp_filter">1</Option>
           <Option name="linux24_tcp_ecn"/>
           <Option name="linux24_tcp_fack"/>
           <Option name="linux24_tcp_fin_timeout">0</Option>
@@ -3990,6 +3990,7 @@
           <Option name="linux24_tcp_syncookies"/>
           <Option name="linux24_tcp_timestamps"/>
           <Option name="linux24_tcp_window_scaling"/>
+          <Option name="linux317_ip_forward">1</Option>
           <Option name="load_modules">True</Option>
           <Option name="local_nat">False</Option>
           <Option name="log_all">False</Option>
@@ -4006,7 +4007,14 @@
           <Option name="modules_dir">/lib/modules/`uname -r`/kernel/net/</Option>
           <Option name="output_file"/>
           <Option name="prolog_place">top</Option>
-          <Option name="prolog_script"/>
+          <Option name="prolog_script"># BEGIN INIT INFO
+Provides:          firewall
+Required-Start:    $all
+Required-Stop:
+Default-Start:     2 3 4 5
+Default-Stop:
+Short-Description: Run firewall if it exist
+# END INIT INFO</Option>
           <Option name="scpArgs">-P 1848</Option>
           <Option name="script_name_on_firewall"/>
           <Option name="sshArgs">-p 1848</Option>
@@ -4015,6 +4023,7 @@
           <Option name="ulog_qthreshold">1</Option>
           <Option name="use_ULOG">False</Option>
           <Option name="use_iptables_restore">False</Option>
+          <Option name="use_kerneltz">False</Option>
           <Option name="use_m_set">False</Option>
           <Option name="use_numeric_log_levels">False</Option>
           <Option name="verify_interfaces">True</Option>