Hi,

any help with this will be highly appreciated.

Now I have IPv6 disabled in my home network.

-Paavo

Hi,

I’m running firewalld in a router that connects the devices in my home LAN to internet.

I have recently added IPv6 DHCPv6 config to the router, and prefix delegation works, so

the devices in my home LAN get proper IPv6 addresses.

However, I don’t like the idea that all IPv6 enabled devices in my home LAN have public

IPv6 addresses. I’d very much prefer simple IPv4 -style NAT approach to protect the

devices in home LAN from being accessed from the internet.

How do I implement something like this with firewalld in the router?

wanif=eth0

lanif=eth1

ip6tables -A FORWARD -m state --state NEW -i $lanif -o $wanif -j ACCEPT

ip6tables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

ip6tables -P FORWARD DROP

Other ways to protect the devices in my home LAN being accessed from the internet?

-Paavo