This is an old revision of the document!

#!/bin/bash IPT6=“/sbin/ip6tables” PUBIF=“eth0” echo “Starting IPv6 firewall…” $IPT6 -F $IPT6 -X $IPT6 -t mangle -F $IPT6 -t mangle -X

#unlimited $IPT6 -A INPUT -i lo -j ACCEPT $IPT6 -A OUTPUT -o lo -j ACCEPT

# DROP all incomming traffic $IPT6 -P INPUT DROP $IPT6 -P OUTPUT DROP $IPT6 -P FORWARD DROP

# Allow full outgoing connection but no incomming stuff $IPT6 -A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT $IPT6 -A OUTPUT -m state –state NEW,ESTABLISHED,RELATED -j ACCEPT

# allow incoming ICMP ping pong stuff $IPT6 -A INPUT -p ipv6-icmp -j ACCEPT $IPT6 -A OUTPUT -p ipv6-icmp -j ACCEPT

############# add your custom rules below ############ $IPT6 -A INPUT -p tcp –destination-port 22 -j ACCEPT

#### no need to edit below ### # log everything else $IPT6 -A INPUT -j LOG $IPT6 -A INPUT -j DROP

##ip6tables -A INPUT –protocol icmpv6 –icmpv6-type echo-request -j ACCEPT –match limit –limit 30/minute