Re: Will this iptables script work as an ip6tables script?

[Gustavo Lima <ghtp25@gmail.com>]

1) You must prohibit reserved external prefixes. Example: iptables -A INPUT -s 3dde::/16 -j DROP
Among the reserved prefixes you will find: 2001:2::/48 (rfc 5156), 2001:10::/28 (rfc 4843), 2001:db8::/32 (rfc 3849)

2)  If you want to release to the local link ips: iptables -A INPUT -s ff02::1 -j ACCEPT

3) Some ICMP messages can not be blocked because IPv6 works other than IPv4. Are they: 1, 2, 3, 4, 128, 129, 130, 131, 132, 133, 134, 135, 141, 142, 143, 148, 149, 151, 152, 153

Exemple: iptables -A INPUT -p icmpv6 --icmpv6-type 135 -d YOU -j ACCEPT

To understand this see the rfc 4890

4) If you know nothing about IPv6 and are looking for information to use it, congratulations. This is the attitude we need to develop this protocol

2017-04-04 5:58 GMT-03:00 Jiangsu Kumquat <reply@mynetblog.com>:

I like this iptables script:

http://pingie.debus.free.fr/iptables/index.php

What I like about it is that it filters a lot of bad packets from getting through and packets that are not supposed to be getting through the firewall.

I have it loading as soon as my Ethernet device comes online.

What I want to know is if it will work okay using ip6tables?

I know virtually nothing about IPv6 and am hesitant to put it online if it did work. So, I would really appreciate it is someone would look it over and tell me what you think about it.