Hi, I want use public net IPV6 for access my NAS when not in home, and I don't want others device use IPV6 because some site is not work well with IPV6 and it's not safe.
I had a try for config firewall and ip6tables to prevent dhcpv6, but it not worked.
How could I do this? Thanks very much.
Welcome to the community!
It uses the same OpenWrt firewall, so I'm not sure why you have this opinion.
@lleachii
Thank you very much, I configured on OpenWrt. My version is openwrt-23.05.0-x86-generic-generic-ext4-combined-efi
How could I configure with nft? like
ip6tables -N input_lan_rule
ip6tables -A input_lan_rule -i br-lan -p ipv6-icmp -m mac ! --mac-source MAC_ADDR -j DROP
ip6tables -A input_lan_rule -i br-lan -p udp --dport 547 -m mac ! --mac-source MAC_ADDR -j DROP
ip6tables-save
Thanks again.
do think about just using a VPN server on your router like openvpn
once you are connected it's like being on you home network
with the same access you have at home but via a secure means
You know that you can make firewall rules in /etc/config/firewall or the web GUI - correct?
On the advanced tab, you also set:
Do you need an example for the port 547?
@lleachii
Thanks, I had a try of configure with source MAC address, but it's not worked, when I add br-lan MAC and device MAC to source MAC address, others devices still got IPV6 address. When I only add device MAC address, the wan interface can't get IPV6 from ISP.
Did I missed something?