Skip to content

Instantly share code, notes, and snippets.

@kerus1024

kerus1024/ipv6_ip6tables_default.bash

Created August 6, 2022 08:52
Show Gist options
  • Save kerus1024/69227f10edb9b4c8dcb67cf3c7366ca9 to your computer and use it in GitHub Desktop.
Save kerus1024/69227f10edb9b4c8dcb67cf3c7366ca9 to your computer and use it in GitHub Desktop.
Download ZIP
IPv6 iptables
Raw
ipv6_ip6tables_default.bash
ip6tables --policy INPUT DROP;
ip6tables --policy OUTPUT ACCEPT;
ip6tables --policy FORWARD DROP;
ip6tables -Z;
ip6tables -F;
ip6tables -X;
ip6tables -t nat -F
ip6tables -t mangle -F
ip6tables -t nat -X
ip6tables -t mangle -F
ip6tables -I INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
ip6tables -A INPUT -p icmpv6 --icmpv6-type echo-request -j ACCEPT
ip6tables -A INPUT -p icmpv6 --icmpv6-type router-advertisement -j ACCEPT
ip6tables -A INPUT -p icmpv6 --icmpv6-type neighbor-solicitation -j ACCEPT
ip6tables -A INPUT -p icmpv6 --icmpv6-type neighbor-advertisement -j ACCEPT
# Response for unix traceroute
ip6tables -A INPUT -p udp --dport 33434:33523 -j REJECT
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment