Allow using [SD]NPTV6 rules in INPUT/OUTOUT chains

1 files changed, 12 insertions, 5 deletions

diff --git a/README.txt b/README.txt
index 39e43e7..3b9cd9c 100644
--- a/README.txt
+++ b/README.txt
@@ -118,13 +118,20 @@ ip6tables -t mangle -A PREROUTING -d 2001:0DB8:0001::/48 -j DNPTV6 --to-destinat
 ip6tables -t mangle -A POSTROUTING -m mark --mark 42 -s FD01:0203:0405::/48 -j SNPTV6 --to-source 2001:0DB8:0001::/48
 ip6tables -t mangle -A POSTROUTING -o eth0 -s FD01:0203:0405::/48 -j SNPTV6 --to-source 2001:0DB8:0001::/48
 
+If the router running NPTv6 is offering services itself, additional rules are
+necessary for the services to be reachable by the external address:
+
+ip6tables -t mangle -A OUTPUT -d 2001:0DB8:0001::/48 -j MARK --set-mark 42
+ip6tables -t mangle -A OUTPUT -d 2001:0DB8:0001::/48 -j DNPTV6 --to-destination FD01:0203:0405::/48
+ip6tables -t mangle -A INPUT -m mark --mark 42 -s FD01:0203:0405::/48 -j SNPTV6 --to-source 2001:0DB8:0001::/48
+
 IPv6/IPv4 Precedence
 
-With (EKU)buntu and eventually with RedHat, you will notice that your browser
-does not show the IPv6 version of a web site that is multi-homed when using ULA
-addresses for your IPv6 Internet connection. The reason for this is an add on
-to the RFC 3484 rules that is compiled into the (EKU)buntu libc. The
-pre-installed /etc/gai.conf file will give you a hint on this.
+With most Linux distributions you will notice that your browser does not show
+the IPv6 version of a web site that is multi-homed when using ULA addresses for
+your IPv6 Internet connection. The reason for this is an add on to the RFC 3484
+rules that is compiled into the libc. The pre-installed /etc/gai.conf file will
+give you a hint on this.
 
 In short: the getaddrinfo() library function rates a private IPv4 address
 higher than the ULA IPv6 address when choosing the transport protocol for a new