Re: ip6tables on C7

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Gordon Messmer wrote:
> On 10/26/18, Andrew Pearce <andrew@xxxxxxxxxxxx> wrote:
>
>> On 2018-10-26 16:25, mark wrote:
>> I believe this should remove any ipv6 rules (rules and chains)
>>
>> ip6tables -F ip6tables -X
>
> You might want to clear the other tables, too:
>
>
> for x in filter nat mangle raw security "" do ip6tables ${x:+-t $x} -F
> ip6tables ${x:+-t $x} -X done
>
>> You may need to set the default policies as well, as they I belive are
>> to deny all incoming and unrestricted outgoing
>>
>> ip6tables -P INPUT DROP ip6tables -P FORWARD DROP ip6tables -P OUTPUT
>> ACCEPT
>>
>
> firewalld appears to leave the policies as ACCEPT, which is their
> default.

I think y'all misunderstood me - I just want to say "turn off", run my
script to test it, and turn it back on.

However, I found out something: iptables -L gives the rules,
also....*only* for IPv4; ip6tables -L does the same for only 6. And it
does look as though by shutting down ip6tables, it did turn them off -
ip6tables shows on 8 lines, which are all aCCEPT. I'd been looking at the
o/p of iptalbes-save, and ip6tables-save.

Thanks, though.

         mark

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]


  Powered by Linux