Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
Next revision Both sides next revision
linux:firewall6 [2008/11/28 10:08]
greebo created
linux:firewall6 [2012/01/16 12:28]
109.230.216.60 qDfsmxVUvHHAUQTt
Line 1: Line 1:
-#!/bin/bash +AFAICT you've coeevrd all the bases with this answer!
-IPT6="/sbin/ip6tables" +
-PUBIF="eth0" +
-echo "Starting IPv6 firewall..." +
-$IPT6 -F +
-$IPT6 -X +
-$IPT6 -t mangle -F +
-$IPT6 -t mangle -X +
- +
-#unlimited +
-$IPT6 -A INPUT -i lo -j ACCEPT +
-$IPT6 -A OUTPUT -o lo -j ACCEPT +
- +
-# DROP all incomming traffic +
-$IPT6 -P INPUT DROP +
-$IPT6 -P OUTPUT DROP +
-$IPT6 -P FORWARD DROP +
- +
-# Allow full outgoing connection but no incomming stuff +
-$IPT6 -A INPUT  -m state --state ESTABLISHED,RELATED -j ACCEPT +
-$IPT6 -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT +
- +
-# allow incoming ICMP ping pong stuff +
-$IPT6 -A INPUT -p ipv6-icmp -j ACCEPT +
-$IPT6 -A OUTPUT -p ipv6-icmp -j ACCEPT +
- +
-############# add your custom rules below ############ +
-$IPT6 -A INPUT -p tcp --destination-port 22 -j ACCEPT +
- +
-#### no need to edit below ### +
-# log everything else +
-$IPT6 -A INPUT -j LOG +
-$IPT6 -A INPUT -j DROP +
- +
-##ip6tables -A INPUT --protocol icmpv6 --icmpv6-type echo-request -j ACCEPT --match limit --limit 30/minute+
linux/firewall6.txt · Last modified: 2012/10/19 09:39 by zagi
CC Attribution-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0 ipv6 ready