Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Iptables rules for Miredo
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Chili0_
n00b
n00b


Joined: 09 Oct 2017
Posts: 20

PostPosted: Sun Dec 10, 2017 5:08 am    Post subject: Iptables rules for Miredo Reply with quote

I am using miredo, and have a fixed udp port 3554, want to config firewall rules.

it seems, iptables -P INPUT DROP and -P OUTPUT DROP block something, and ping6 lost dns or route.

Thx

Code:

#!/bin/bash
# Flushing all rules
iptables -F

## Setting default filter policy
iptables -P INPUT DROP
iptables -P OUTPUT DROP

## Allow miredo
iptables -A INPUT -p udp --dport 3554 -j ACCEPT
iptables -A OUTPUT -p udp --sport 3554 -j ACCEPT



Code:

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.99  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::aa20:66ff:fe1e:abf  prefixlen 64  scopeid 0x20<link>
        ether a8:20:66:1e:0a:bf  txqueuelen 1000  (Ethernet)
        RX packets 52984  bytes 19245837 (18.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 92577  bytes 35344341 (33.7 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 16

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 28  bytes 10769 (10.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 28  bytes 10769 (10.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

teredo: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1280
        inet6 2001:0:d9331:c0d9:20c14:94381:9038:42d8  prefixlen 32  scopeid 0x0<global>
        inet6 fe80::53da:30b8:dab8:71c2  prefixlen 64  scopeid 0x20<link>
        inet6 fe80::ffff:ffff:ffff  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 13831  bytes 10728730 (10.2 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 34238  bytes 3649423 (3.4 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
Back to top
View user's profile Send private message
SP2340
n00b
n00b


Joined: 01 Nov 2016
Posts: 50
Location: KeyStoneState

PostPosted: Thu Dec 14, 2017 2:27 am    Post subject: Reply with quote

-P INPUT DROP and -P OUTPUT DROP Only drop traffic that wasn't allowed by another rule.

You are aware that there are separate firewalls for IPv4 and IPv6?
IPTABLES - IPv4
IP6TABLES - IPv6

Are you also aware that the program you are looking at hasn't been updated in over 4 years? This leads to the question if it is still maintained.

For testing you could stop all firewalls and see if you can connect. If you still have issues then it isn't the firewall that is stopping you.
_________________
--
Regards
Robert

Smile, it increases your face value.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 13496

PostPosted: Fri Dec 15, 2017 2:31 am    Post subject: Re: Iptables rules for Miredo Reply with quote

Chili0_ wrote:
it seems, iptables -P INPUT DROP and -P OUTPUT DROP block something, and ping6 lost dns or route.
What symptoms do you observe that led you to that conclusion?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum