| View previous topic :: View next topic |
| Author |
Message |
Chili0_
n00b
Joined: 09 Oct 2017
Posts: 26
|
 Posted: Sun Dec 10, 2017 5:08 am Post subject: Iptables rules for Miredo |
 |
|
I am using miredo, and have a fixed udp port 3554, want to config firewall rules.
it seems, iptables -P INPUT DROP and -P OUTPUT DROP block something, and ping6 lost dns or route.
Thx
| Code: |
#!/bin/bash
# Flushing all rules
iptables -F
## Setting default filter policy
iptables -P INPUT DROP
iptables -P OUTPUT DROP
## Allow miredo
iptables -A INPUT -p udp --dport 3554 -j ACCEPT
iptables -A OUTPUT -p udp --sport 3554 -j ACCEPT
|
| Code: |
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.99 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::aa20:66ff:fe1e:abf prefixlen 64 scopeid 0x20<link>
ether a8:20:66:1e:0a:bf txqueuelen 1000 (Ethernet)
RX packets 52984 bytes 19245837 (18.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 92577 bytes 35344341 (33.7 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 16
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 28 bytes 10769 (10.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 28 bytes 10769 (10.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
teredo: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1280
inet6 2001:0:d9331:c0d9:20c14:94381:9038:42d8 prefixlen 32 scopeid 0x0<global>
inet6 fe80::53da:30b8:dab8:71c2 prefixlen 64 scopeid 0x20<link>
inet6 fe80::ffff:ffff:ffff prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)
RX packets 13831 bytes 10728730 (10.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 34238 bytes 3649423 (3.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
|
|
|
| Back to top |
|
 |
SP2340
n00b
Joined: 01 Nov 2016
Posts: 50
Location: KeyStoneState
|
| Posted: Thu Dec 14, 2017 2:27 am Post subject: |
|
|
-P INPUT DROP and -P OUTPUT DROP Only drop traffic that wasn't allowed by another rule.
You are aware that there are separate firewalls for IPv4 and IPv6?
IPTABLES - IPv4
IP6TABLES - IPv6
Are you also aware that the program you are looking at hasn't been updated in over 4 years? This leads to the question if it is still maintained.
For testing you could stop all firewalls and see if you can connect. If you still have issues then it isn't the firewall that is stopping you.
_________________
--
Regards
Robert
Smile, it increases your face value. |
|
| Back to top |
|
|
Hu
Moderator
Joined: 06 Mar 2007
Posts: 16478
|
| Posted: Fri Dec 15, 2017 2:31 am Post subject: Re: Iptables rules for Miredo |
|
|
| Chili0_ wrote: | | it seems, iptables -P INPUT DROP and -P OUTPUT DROP block something, and ping6 lost dns or route. |
What symptoms do you observe that led you to that conclusion? |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
