1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

IPv6 - Disable Firewall (all ports forwarded)

Discussion in 'Tomato Firmware' started by Morlok8k, Jun 9, 2014.

  1. Morlok8k

    Morlok8k Connected Client Member

    I thought i'd drop this info here for others.

    To allow all IPv6 traffic without Firewalling, add the following to your WAN-UP script:
    Code:
    # Disable IPv6 firewall
    # ip6tables -P INPUT ACCEPT  ## Opening this will let anyone on the internet have access to the router itself.
    ip6tables -P OUTPUT ACCEPT
    ip6tables -P FORWARD ACCEPT
    My goal was to have totally open IPv6 addresses to all computers on my LAN.

    My stats: Shibby Tomato v119. "MIPSR2-119 K26 USB Big-VPN" on a Linksys WRT610N v2.
    Comcast, with native IPv6 dualstack.
     
    Last edited: Jun 19, 2014
  2. RMerlin

    RMerlin Network Guru Member

    Be aware that by also clearing the INPUT chain and setting its policy to ACCEPT, you are also allowing your router itself to become available on the Internet, not just your LAN devices.
     
  3. Morlok8k

    Morlok8k Connected Client Member

    so, by not doing the INPUT chain, it would still leave my LAN devices open? or would i specifically want to block the router?

    EDIT: some googling has told me that the INPUT chain is for the router itself, and that the FORWARD chain is for NET->LAN and OUTPUT is router (&LAN?)->NET.

    I'll try this out when i get home.
     
    Last edited: Jun 9, 2014
  4. Morlok8k

    Morlok8k Connected Client Member

    oh i forgot to check back in here, but yes, this seems to have worked.
     

Share This Page