[fli4l] IPv6 Portfilter Konfiguration

Do Jun 28 19:51:30 CEST 2012

Hallo Christoph,

Am 27.06.2012 23:34, schrieb Christoph Schulz:
> 
> Schick mal die Ausgabe von "ip6tables -L FORWARD" auf dem Router.
> Vielleicht kommen wir dann weiter.

cerberus 3.7.0-rev22205 # ip6tables -L FORWARD
Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all      anywhere             anywhere            state
RELATED,ESTABLISHED /* PF6_FORWARD_ACCEPT_DEF */
fwd-icmp   ipv6-icmp    anywhere             anywhere            /*
PF6_FORWARD_ACCEPT_DEF */
DROP       all      anywhere             localhost/128       state NEW
/* PF6_FORWARD_ACCEPT_DEF */
DROP       all      localhost/128        anywhere            state NEW
/* PF6_FORWARD_ACCEPT_DEF */
DROP       tcp      anywhere             anywhere            tcp dpt:139
/* PF6_FORWARD_1='tmpl:samba DROP' */
DROP       tcp      anywhere             anywhere            tcp dpt:445
/* PF6_FORWARD_1='tmpl:samba DROP' */
DROP       udp      anywhere             anywhere            udp
dpts:137:138 /* PF6_FORWARD_1='tmpl:samba DROP' */
ACCEPT     all      2001:XXX:XXXX:4711::/64  anywhere            /*
PF6_FORWARD_2='IPV6_NET_1 ACCEPT' */
ACCEPT     tcp      anywhere             hades.genlog.lan/128 tcp
dpt:www /* PF6_FORWARD_3='tmpl:http any
[2001:XXX:XXX:4711:XXX:XXXX:XXXX:xxxx] ACCEPT' */
ACCEPT     tcp      anywhere             hades.genlog.lan/128 tcp
dpt:https /* PF6_FORWARD_4='tmpl:https any
[2001:XXX:XXX:4711:XXX:XXXX:XXXX:xxxx] ACCEPT' */
ACCEPT     all      anywhere             2001:XXX:XXXX:4711::/64 /*
PF6_FORWARD_5='any IPV6_NET_1 ACCEPT' */
fw-rej     all      anywhere             anywhere

Sieht etwas unschön aus mit dem Zeilenumbruch... :-S

> 
> Alles wird gut :-)

Heute Abend doch eh ;-)

VG
Stephan