File tree Expand file tree Collapse file tree 2 files changed +23
-0
lines changed Expand file tree Collapse file tree 2 files changed +23
-0
lines changed Original file line number Diff line number Diff line change 1+ /ipv6 firewall filter
2+
3+ # INPUT
4+ add chain=input in-interface=6to4-tunnel1 action=jump jump-target=wan-to-mkt comment="Jump to wan-to-mkt rules"
5+ add chain=wan-to-mkt connection-state=established action=accept comment="Allow established connections"
6+ add chain=wan-to-mkt connection-state=related action=accept comment="Allow related connections"
7+ add chain=wan-to-mkt connection-state=invalid action=drop comment="Drop invalid connections"
8+ add chain=wan-to-mkt protocol=icmpv6 action=accept comment="Accept ICMP"
9+ add chain=wan-to-mkt action=drop log=yes log-prefix="6to4 INPUT:" comment="Log and drop everyting else"
10+
11+ # FORWARD
12+ add chain=forward in-interface=6to4-tunnel1 action=jump jump-target=wan-to-lan comment="Jump to wan-to-lan rules"
13+ add chain=wan-to-lan connection-state=established action=accept comment="Allow established connections"
14+ add chain=wan-to-lan connection-state=related action=accept comment="Allow related connections"
15+ add chain=wan-to-lan connection-state=invalid action=drop comment="Drop invalid connections"
16+ add chain=wan-to-lan action=drop log=yes log-prefix="6to4 FORWARD:" comment="Log and drop everyting else"
Original file line number Diff line number Diff line change 1+ /interface 6to4
2+ add name=6to4-tunnel1 local-address=123.45.67.89 remote-address=192.88.99.1 disabled=no
3+ /ipv6 address
4+ add address=2002:7b2d:4359::1/48 interface=6to4-tunnel1 advertise=no
5+ add address=2002:7b2d:4359:1::1/64 interface=bridge1
6+ /ipv6 route
7+ add distance=1 dst-address=2000::/3 gateway=6to4-tunnel1
You can’t perform that action at this time.
0 commit comments