Questions tagged [ip6tables]

36 questions
0 votes, 1 answer

ip6tables rule to allow unrecognized next-header

I have a compliance test that is requiring my node to respond to unrecognized next-headers per RFC 2460. I am running a debian 3.16 kernel. My current firewall implementation is dropping these frames per the INPUT rule of DROP by default unless…
0 votes, 0 answers

Ip6tables centos 7 rule not working

The following rules were working for ipv4 addresses in iptables but using the same rules in ip6tables is not working. Currently all ipv6 addresses are being blocked. This rule set should allow https access from the single ip…
Kline
0 votes, 1 answer

Disable ICMPv6 Destination Unreachable replies

iptables -I OUTPUT -p icmp --icmp-type destination-unreachable -j DROP The above command works for IPv4, what should be the command for IPv6 to drop the ICMPv6 destination-unreachable packets. I have tried to use ip6tables with but could not get…
0 votes, 1 answer

ip6tables forward chain filters all ports

Trying the following on a centos 6 node (running openvz kernel) ip6tables -F ip6tables -X ip6tables -P FORWARD DROP ip6tables -A FORWARD -p tcp -m multiport --dports 21,22,80,443 -j ACCEPT ip6tables -A FORWARD -p udp -m multiport --dports…
el5yeli
0 votes, 1 answer

ip6tables port dropping and defaults

On CentOS 6, ip6tables is literally giving a nightmare on this machine. Having ip6tables -P INPUT ACCEPT ip6tables -P OUTPUT ACCEPT ip6tables -P FORWARD ACCEPT with ip6tables -A INPUT -p tcp -m multiport ! --dports 21,22,80,443 -j DROP ip6tables…
el5yeli
0 votes, 0 answers

Using ip6tables with range

I'm trying to ban an ip range with ip6tables. I'm adding this line to /etc/sysconfig/ip6tables -A INPUT -s ::ffff:58.26.318.213 -j DROP But I want to ban everything that starts with 58.26 so that it bans ::ffff:58.26.318.214 and…
Harry
0 votes, 1 answer

IP6Tables: How to enable external access to MySQL?

How to enable external access to MySQL with rules on ip6tables? I have tried the rules below; after inserting them I get access, but when the server restarts the access remains blocked. :INPUT DROP [2:144] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A…
Diogo Braga
0 votes, 2 answers

Differences between iptables and ip6tables processing of packets

I've reviewed a variety of netfilter, iptables, and ip6tables resources. I've searched Google, including StackExchange websites for information, and, I can't find easy or clear links to information regarding differences between how iptables and…
Dookie
0 votes, 1 answer

Can we determine from email headers that these two IP6 addresses came from the same person?

I'm trying to determine whether the emails came from the same office or person, but lack the in-depth knowledge of IP6 and understanding of the meaning of the same "subnet prefix". From the email header, the IP6 from: Sender A:…
EDO
0 votes, 0 answers

How to properly define ip6tables rule in ansible

On current system I have this rule for ip6tables -A INPUT -d -p udp -m udp --dport -m state --state NEW -j ACCEPT For new system I wrote an ansible playbook: - name: Allow someport for ipv6 ansible.builtin.iptables: chain:…
GarfieldCat
0 votes, 2 answers

Network Security: Hardening IPv6 on Ubuntu Server?

I am familiar with hardening IPv4 on Ubuntu server, but when I use the same rules for IPv6 with ip6tables, the IPv6 connectivity is lost resulting in Destination unreachable: Address unreachable errors during ping. Could you please advise on how to…
lion
0 votes, 1 answer

Disable outgoing IPv6 for specific users on linux

I would like to block outgoing IPv6 connections for specific users on linux machine. I don't want to disable IPv6 for whole system. How can I do it? I can do it using ip6tables and rejecting OUTPUT connections with icmp6-adm-prohibited or…
ndd
0 votes, 1 answer

ufw route allow in on wg0 out on wg0 to 10.0.0.6/32

I use a WireGuard VPN to reversely connect to my home server via an external entry node. On that entry node, I try to add a firewall rule using ufw. Its purpose is to only allow routing to one and only one specific IP (10.0.0.6). So the basic setup…
randmin
0 votes, 1 answer

ipv6 and iptables - setting up basic rules

I have come to realise my IPv6 ports are not going through iptables, and thus are accessible for attacks. I haven't seen any yet, but I'm sure it's only a matter of time. As such, I'm trying to shore up the firewall for ipv6. I came across this…
Andrew Newby
0 votes, 1 answer

Routing ipv6 traffic from LAN to wg0

I have ipv6 connectivity over wg0 (a WireGuard interface), and my LAN has a local ipv6 network. From a desktop (Ubuntu 20.04.1) connected to the router (Ubuntu 20.04.1) with the LAN and wg0 (WireGuard) interfaces, I do: mtr --show-ips…