From b8cd81bc6abf740981f6be5fdf0e28f4b2ec32cb Mon Sep 17 00:00:00 2001
From: "bruns@2mbit.com" <bruns@2mbit.com@e5899ace-8841-11de-95b9-8f387cfb8bc3>
Date: Sun, 16 May 2010 03:41:56 +0000
Subject: [PATCH]

---
 ChangeLog   | 3 +++
 rc.firewall | 2 ++
 2 files changed, 5 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 4deb9b3..f6fb1ab 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+0.8 - Brielle Bruns <bruns@2mbit.com>
+	- IPv6 Connection Tracking fixes
+
 0.7 - Brielle Bruns <bruns@2mbit.com>
 	- MSS Clamp on IPv6
 	- MSS Fixes, yes, its ugly
diff --git a/rc.firewall b/rc.firewall
index 975819d..6327998 100755
--- a/rc.firewall
+++ b/rc.firewall
@@ -236,6 +236,8 @@ if [ $IPV6 ]; then
 	if [ $IPV6ROUTEDCLIENTBLOCK ]; then
 		$IP6TABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 		$IP6TABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
+	        $IP6TABLES -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
+        	$IP6TABLES -A OUTPUT -m state --state NEW -j ACCEPT
 		$IP6TABLES -A FORWARD -i $IPV6INT -o $IPV6LAN -p tcp --syn -j DROP
 		$IP6TABLES -A INPUT -i $IPV6INT -p tcp --syn -j DROP
 		$IP6TABLES -A INPUT -i $IPV6INT -p udp ! --dport 32768:65535 -j DROP