Saturday, July 11, 2015

Openwrt: Allow all incoming IPv6 traffic

I run OpenWrt Barrier Breaker 14.07 on my router. Default it blocks all incoming IPv6 traffic. To accept all incoming IPv6 traffic, I did this:

In the file /etc/firewall.user put this:

ip6tables -F
ip6tables -X
ip6tables -A INPUT -p icmpv6 -j ACCEPT
ip6tables -P INPUT ACCEPT
ip6tables -P OUTPUT ACCEPT
ip6tables -P FORWARD ACCEPT

Saven and exit. Then

/etc/init.d/firewall restart

And that's it! All my IPv6 hosts are open to Internet.

Starting Nmap 6.40 ( http://nmap.org ) at 2015-07-11 12:05 CEST
Nmap scan report for 2001:bad:cafe::1
Host is up (0.0055s latency).
Not shown: 988 closed ports
PORT     STATE    SERVICE
22/tcp   open     ssh
25/tcp   filtered smtp
80/tcp   open     http
139/tcp  open     netbios-ssn
445/tcp  open     microsoft-ds
6666/tcp filtered irc
6667/tcp filtered irc
6668/tcp filtered irc
6669/tcp filtered irc
7000/tcp filtered afs3-fileserver
8080/tcp open     http-proxy
9999/tcp filtered abyss

Nmap done: 1 IP address (1 host up) scanned in 18.02 seconds

As that's a bit too much, I'll now close down the firewall a bit.


No comments: