I want to expose some device in LAN with public IPv6, to the internet, and since WAN->LAN is rejected by default, I think I probably need to add some exempt rule, and since my IPv6 PD is dynamic, I opt to use MAC address, where if the destination MAC address matches my device, the WAN->LAN connections should be allowed
But it seems fw4 only allows matching source MAC address? Exposing LAN devices should a pretty popular use case, I guess there must be some others way to achieve that? Would appreciate if someone could shed some light.
Thanks for the suggestion, I was about to ask that. My device doesn't support the DDNS service I use, but OpenWRT DDNS client does, and centralizing my DDNS would also be nice. I wonder if there is an easy way like the hostid matching trick to directly upload my device's IPv6 with OpenWRT's DDNS client?
I'm not aware of anything pre-made to take care of that, it would probably require original development. Starting a DDNS update service on the exposed host is typically the easiest way out of this issue (but obviously not the only one).