From 2a730e81c92ff9f96556ad03d881f2191a2e14a1 Mon Sep 17 00:00:00 2001
From: Astro <astro@spaceboyz.net>
Date: Sun, 15 Apr 2018 20:42:55 +0200
Subject: [PATCH] upstream.iptables: default to accept icmp

---
 salt/upstream/iptables              | 2 ++
 salt/upstream/ipv6-tunnel-update.sh | 1 -
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/salt/upstream/iptables b/salt/upstream/iptables
index 1f3801c..eb024ce 100644
--- a/salt/upstream/iptables
+++ b/salt/upstream/iptables
@@ -9,6 +9,8 @@ fi
 if [ "$IFACE" = "{{ interface }}" ]; then
    iptables -A INPUT -i "$IFACE" -m state --state ESTABLISHED,RELATED -j ACCEPT
    ip6tables -A INPUT -i "$IFACE" -m state --state ESTABLISHED,RELATED -j ACCEPT
+   iptables -A INPUT -i "$IFACE" -p icmp -j ACCEPT
+   ip6tables -A INPUT -i "$IFACE" -p icmp -j ACCEPT
    iptables -A INPUT -i "$IFACE" -j DROP
    ip6tables -A INPUT -i "$IFACE" -j DROP
    iptables -P INPUT ACCEPT
diff --git a/salt/upstream/ipv6-tunnel-update.sh b/salt/upstream/ipv6-tunnel-update.sh
index d950e45..0bf95ec 100644
--- a/salt/upstream/ipv6-tunnel-update.sh
+++ b/salt/upstream/ipv6-tunnel-update.sh
@@ -1,4 +1,3 @@
 #!/bin/sh
 
-/usr/sbin/iptables -I INPUT -p icmp -j ACCEPT
 /usr/bin/curl "https://{{ username }}:{{ key }}@ipv4.tunnelbroker.net/nic/update?hostname={{ tunnel_id }}"