At home I have a server running Fedora 25 which I'm using for routing my internet
connection, mail server etc.
I'm using a sixxs IPv6 tunnel for IPv6 connectivity and I'm using a internet
routed IPv6 subnet from sixxs on my home network.
Now the trouble starts;
I've configured an IPv6 address from the IPv6 subnet on my (home) network interface
which is connected to my home network and I'd like to have different rules for
internal and external hosts but this interface has zone "internal" for IPv4 and
it should be labelled "external" for IPv6.
I've tried working around this by adding a rich rule to drop all IPv6 traffic from the
zone public (this works) but I cannot add allow rules because the allow rules seem to be
handled after the deny rules...
Whould it be possible to use different zones for IPv4 and IPv6 on the same interface? Is
is possible to change the allow / deny order for the public zone?
If this isn't possible I guess I should add a VLAN for IPv6 to have different
interfaces for IPv4/6
Show replies by date