IPv6 prefix from the VPN server side

Hello.

This script

opkg update
opkg install kmod-ipt-nat6
cat << EOF > /etc/firewall.nat6
iptables-save --table="nat" \
| sed -e "/\s[DS]NAT\s/d" \
| ip6tables-restore --table="nat"
EOF
uci -q delete firewall.nat6
uci set firewall.nat6="include"
uci set firewall.nat6.path="/etc/firewall.nat6"
uci set firewall.nat6.reload="1"
uci commit firewall
service firewall restart

works fine from link: https://openwrt.org/docs/guide-user/services/vpn/openvpn/extra#dual-stack_gateway

But is it possible to activate it without script in LuCI?

1 Like

There's a bug which makes things difficult:
https://bugs.openwrt.org/index.php?do=details&task_id=500

You can save the iptables script here:
LuCI > Network > Firewall > Custom Rules

Though it may require option reload=1 which is not possible to enable via LuCI.

1 Like