[TriLUG] OpenWRT, IPv6 and Firewall

Brian McCullough bdmc at buadh-brath.com
Mon Feb 3 07:18:35 EST 2014


On Sun, Feb 02, 2014 at 11:55:46PM -0500, Igor Partola wrote:
> Brian,
> 
> I believe this is what you are looking for. At least this form works for me
> for OpenVPN and a few other services.
> 
> config rule
> option target 'ACCEPT'
> option src 'wan'
> option dest 'lan'
> option name 'Mail-v6-tcp'
> option family 'ipv6'
> option proto 'tcp'
> option dest_port '25'
> option dest_ip '2001:470:xxxx:xxxx::133'

Thank you, Igor.  That's what a second set of eyes is all about.  I was
only thinking of duplicating the IPv4 code, but you're correct.  I need
to think differently.


> (I am sure there is some way to specify both TCP and UDP in one rule by
> either listing both as the value for "proto" or by omitting that line, but
> you can always break up both. Sorry, it's too late for me too look it up in
> the docs.)

Yes, I have seen "tcp udp" and "tcpudp" in different places, so I think
you're right.



> Hope that resolves the issue for you.

I suspect that it will, thanks.


I will work on that later, but clients come first.


B-)




More information about the TriLUG mailing list