Make before6.rules follow RFC 4890

I guess you are referring to section 4.4 (specifically 4.4.1), however I found this document to be pretty unclear. The shipped ufw configuration is for a host-based firewall. While the RFC states 3 types are defined in the report (router, bridge and 'end host'), the 'end host' is not clearly defined (at least for me). In fact, section 4.4 references a multi-homed host and not the 'end host'. While I definitely want to let through appropriate icmpv6 messages, I need more information before adding the ones you suggest (in fact, you patch misses some that the RFC said must not be denied, furthering the confusion).

I think I would at this point prefer to wait for bugs to come in indicating that ufw's current configuration is broken rather than trying to fix it and possibly getting it wrong. That is unless someone can provide clarity on this (with authoritative references). I am going to mark this as 'Incomplete' for now.

Sounds fair -- I mainly noticed this because UFW was being very noisy blocking multicast packets (codes 151-153). I found this RFC and by adding the ICMP codes, I found that it made UFW much quieter, plus seemed to be more "standards compliant" (whatever that means anymore). And now that you point it out, I realize that I forgot "Inverse Neighbor Discovery Solicitation (Type 141)" and "Inverse Neighbor Discovery Advertisement (Type 142)" -- I've re-uploaded the patch to fix this (and added descriptions!).

As for the distinction between router/bridge/end host, it seemed to me that the section at 4.4 fit best based on the description, "This section recommends filtering rules for ICMPv6 traffic addressed to an interface on a firewall." Since ufw is a host-based firewall, these should be a good starting point -- of course individual users can add more types if the so desire, but it seems like these would be the ones to have as the default.