[iptables] How can I allow ipv6 forward traffic to specified MAC?


my network support ipv6 (router and PC behind it both have global accessible public ipv6 address, but private ipv4 address), I have bittorrent running on PC, to make bittorrent accept more connection, I need to allow openwrt to allow ipv6 forward traffic from wan to my PC(openwrt default drop wan to lan establish traffic). I've confirmed this setup is working (my PC is reachable from outer through ipv6),

but my problem is : my wan ipv6 is dynamic, so my PC ipv6 is also dynamic , every time my wan/pc ipv6 changed, I have to re-create new firewall rules, I want the forward rule is binded to 'dest mac' but iptables can not match by 'dest-mac' .

have some notes but I don't know how to apply it to my setup. any help would be appreciated.

1 Like

Instead of the MAC address, I suggest filtering on the interface id part of the IPv6 address.
See this post for details:


Great! that's exactly what I need

Thanks for your information, I will take a try

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.