@dillonhafer
Last active January 11, 2024 09:20
Revisions

  1. Dillon Hafer revised this gist Mar 17, 2018. 1 changed file with 1 addition and 1 deletion.
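--- a/erx.sh
+++ b/erx.sh
@@ -57,4 +57,4 @@ set dhcpv6-pd pd 0 interface switch0 prefix-id :0
 set dhcpv6-pd pd 0 interface switch0 service slaac
 top
 
-commit
+commit ; save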
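Review bot: `commit ; save` writes the new firewall policies and prefix-delegation settings to the boot configuration in the same step that activates them, so a mistake that cuts off management access survives a reboot. When the script is pasted over a remote session, it is safer to activate with `commit-confirm`, check that access and IPv6 connectivity still work, and only then run `confirm` and `save`. The hunk shows only the tail of the script; the rules being committed are outside it.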
  2. Dillon Hafer created this gist Jan 15, 2018.
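--- a/erx.sh
+++ b/erx.sh
@@ -0,0 +1,60 @@
+# Taken from https://medium.com/@nurblieh/ipv6-on-the-edgerouter-lite-c95e3cc8d49d
+# just a copy in case that goes away someday
+
+# eth1 is my WAN
+# switch0 is my LAN
+
+configure
+
+# Firewall Rule 1/2
+edit firewall ipv6-name WAN6_IN
+set default-action drop
+set rule 10 action accept
+set rule 10 description "allow established"
+set rule 10 protocol all
+set rule 10 state established enable
+set rule 10 state related enable
+set rule 20 action drop
+set rule 20 description "drop invalid packets"
+set rule 20 protocol all
+set rule 20 state invalid enable
+set rule 30 action accept
+set rule 30 description "allow ICMPv6"
+set rule 30 protocol icmpv6
+top
+
+# Firewall Rule 2/2
+edit firewall ipv6-name WAN6_LOCAL
+set default-action drop
+set rule 10 action accept
+set rule 10 description "allow established"
+set rule 10 protocol all
+set rule 10 state established enable
+set rule 10 state related enable
+set rule 20 action drop
+set rule 20 description "drop invalid packets"
+set rule 20 protocol all
+set rule 20 state invalid enable
+set rule 30 action accept
+set rule 30 description "allow ICMPv6"
+set rule 30 protocol icmpv6
+set rule 40 action accept
+set rule 40 description "allow DHCPv6 client/server"
+set rule 40 destination port 546
+set rule 40 source port 547
+set rule 40 protocol udp
+top
+
+# Attach the policies to WAN interface (eth1)
+set interfaces ethernet eth1 firewall in ipv6-name WAN6_IN
+set interfaces ethernet eth1 firewall local ipv6-name WAN6_LOCAL
+
+# Start the show 😉
+edit interfaces ethernet eth1
+set dhcpv6-pd pd 0 prefix-length /64
+set dhcpv6-pd pd 0 interface switch0 host-address ::1
+set dhcpv6-pd pd 0 interface switch0 prefix-id :0
+set dhcpv6-pd pd 0 interface switch0 service slaac
+top
+
+commit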
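Review bot: Rule 30 in WAN6_IN accepts every ICMPv6 type on traffic forwarded from eth1 to the LAN, so once switch0 hands out globally routable SLAAC addresses each LAN host can be sent any ICMPv6 message from the internet, not only the error messages IPv6 needs. Consider limiting the forwarded set to the types RFC 4890 treats as necessary for transit (Destination Unreachable, Packet Too Big, Time Exceeded, Parameter Problem, and echo if wanted), one rule per type, for example `set rule 30 icmpv6 type packet-too-big`. WAN6_LOCAL still needs neighbor discovery and router advertisements from the upstream link, so the broad rule is easier to justify there. Rule 40 accepts UDP 547 to 546 from any source; DHCPv6 replies normally arrive from a link-local address, so `set rule 40 source address fe80::/10` would probably tighten it, to be confirmed against the ISP's behaviour.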