Firewall issues & Shorewall6
Shadow Hawkins on Thursday, 01 November 2012 16:18:21
Having successfully got my IPv6 subnet up and running, using my Raspberry Pi as a gateway, I now find myself needing to install a firewall. I followed the instructions for Shorewall6, but as soon as I set it up I find connectivity from any computer on my subnet gets lost, other than the RPi itself.
I have played around with the firewall config in the rules, zones, interfaces and policy files, but to no avail. It is almost as if there was something else I am missing. Can anyone help? I am not comfortable being without a firewall on my gateway.
/etc/shorewall6/interfaces:
#ZONE INTERFACE OPTIONS
net tun0
loc eth0
/etc/shorewall6/zones:
#ZONE TYPE OPTIONS IN OUT
# OPTIONS OPTIONS
fw firewall
net ipv6
loc ipv6
/etc/shorewall6/policy:
#SOURCE DEST POLICY LOG LEVEL LIMIT:BURST
net all REJECT notice
loc all ACCEPT
fw all ACCEPT
all all REJECT notice
/etc/shorewall6/rules:
###########################################################################################################################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME HEADERS SWITCH
# PORT PORT(S) DEST LIMIT GROUP
#SECTION ALL
#SECTION ESTABLISHED
#SECTION RELATED
SECTION NEW
SSH(ACCEPT) net $FW
Ping(ACCEPT) net $FW
Shadow Hawkins on Thursday, 01 November 2012 16:26:20
A bit more digging and I came across entry 78 in the Shorewall FAQ. Turns out I need to modify the shorewall6.conf file, so that:
Set IP_FORWARDING=On
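The symptom in this thread (the gateway itself keeps IPv6 connectivity while hosts behind it lose it) can be checked before starting the firewall. The script below is an added example, not part of the original posts or of Shorewall6 itself; the function names are hypothetical, and it assumes the documented meaning of IP_FORWARDING (On enables IPv6 forwarding, Off disables it, Keep leaves the kernel value unchanged).

```shell
#!/bin/sh
# Added example: predict what "shorewall6 start" will do to IPv6 forwarding
# on a gateway, from the IP_FORWARDING line in shorewall6.conf.
# Both file paths are parameters so the check can run against test copies.

# Print the last uncommented IP_FORWARDING value, lower-cased and unquoted,
# or "unset" when the file has no such assignment.
ip_forwarding_setting() {
    conf=$1
    val=$(sed -n 's/^[[:space:]]*IP_FORWARDING=\([^#[:space:]]*\).*/\1/p' "$conf" \
          | tail -n 1 | tr -d "\"'" | tr '[:upper:]' '[:lower:]')
    echo "${val:-unset}"
}

# Print "enabled", "disabled" or "unknown" for the forwarding state expected
# after the firewall starts. $2 is the kernel state file (contains 1 when
# forwarding is on); it is consulted only for Keep.
predict_forwarding() {
    conf=$1
    kernel_state_file=$2
    case $(ip_forwarding_setting "$conf") in
        on)   echo "enabled" ;;
        off)  echo "disabled" ;;   # hosts in the loc zone lose routing
        keep) if [ "$(cat "$kernel_state_file" 2>/dev/null)" = "1" ]; then
                  echo "enabled"
              else
                  echo "disabled"
              fi ;;
        *)    echo "unknown" ;;    # unset or unrecognised value: check by hand
    esac
}

# Stand-alone use:
#   sh check.sh /etc/shorewall6/shorewall6.conf
if [ "$#" -ge 1 ]; then
    predict_forwarding "$1" "${2:-/proc/sys/net/ipv6/conf/all/forwarding}"
fi
```

A result of "disabled" on a machine that is meant to route for a local subnet matches the loss of connectivity described in the first post.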