Added ip6tables config

DL6ER 2017-01-26 13:41:39 +01:00
parent 21ce70d259
commit aa75576db3

@ -146,4 +146,40 @@ num pkts bytes target prot opt in out source destina
Chain OUTPUT (policy ACCEPT 83 packets, 11305 bytes)
num pkts bytes target prot opt in out source destination
</pre>
while there might be other rules in your table. Note that the order of the list entries matters!
while there might be other rules in your table. Note that the order of the list entries matters!
---
### Optional: IPv6
Note that you will have to repeat the firewall setup using `ip6tables` if your server is also reachable via IPv6:
```
sudo ip6tables -A INPUT -i tun0 -p tcp --destination-port 53 -j ACCEPT
sudo ip6tables -A INPUT -i tun0 -p tcp --destination-port 80 -j ACCEPT
sudo ip6tables -A INPUT -i tun0 -p udp --destination-port 53 -j ACCEPT
sudo ip6tables -A INPUT -i tun0 -p udp --destination-port 80 -j ACCEPT
sudo ip6tables -A INPUT -p tcp --destination-port 53 -j DROP
sudo ip6tables -A INPUT -p tcp --destination-port 80 -j DROP
sudo ip6tables -A INPUT -p udp --destination-port 53 -j DROP
sudo ip6tables -A INPUT -p udp --destination-port 80 -j DROP
```
```
sudo ip6tables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp anywhere anywhere tcp dpt:domain
ACCEPT tcp anywhere anywhere tcp dpt:http
ACCEPT udp anywhere anywhere udp dpt:domain
ACCEPT udp anywhere anywhere udp dpt:http
DROP tcp anywhere anywhere tcp dpt:domain
DROP tcp anywhere anywhere tcp dpt:http
DROP udp anywhere anywhere udp dpt:domain
DROP udp anywhere anywhere udp dpt:http
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
```
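Review bot: The expected-output block at the end of this hunk comes from plain `sudo ip6tables -L`, which has no `in` column, so the four `tun0` ACCEPT rules and the four DROP rules print with identical match fields and a reader cannot confirm from the listing that ACCEPT is restricted to `tun0`. The IPv4 listing just above (context lines with `num pkts bytes target prot opt in out source destination`) does show the interface, so I suggest using `sudo ip6tables -L -v --line-numbers` here as well and regenerating the sample output. That also makes the "order of the list entries matters" remark checkable for IPv6, since the rules are appended with `-A` and the DROP entries only work as intended if they land after the ACCEPT entries. Two smaller points: a sentence between the two fenced blocks saying the second one is the expected result would help, and the `-p udp --destination-port 80` rules could be dropped unless they are kept deliberately to mirror the IPv4 section, since the web interface on port 80 is served over TCP.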