Commit 5498fe4c authored by Cédric BRINER's avatar Cédric BRINER Committed by Cédric BRINER
Browse files

doc_ipf6 documentation for the ipv6 firewall

parent 084ae207
......@@ -362,14 +362,36 @@ eof
| gsed "/${ipv4}/i ${ipv6} ${official_hostname_n_aliases}" \
> /etc/hosts
pg "done"
#
# à la mano
doc_ipf6
echo ""
echo "# -----------------------------------------"
echo "# reboot and test"
echo "init 6"
}
function doc_ipf6()
{
echo "# -----------------------------------------"
echo "# ipv6"
echo "cd /etc/ipf"
echo "saveback ipf6.conf"
echo "vim ipf6.conf"
echo "# add line to allow 80 n 443"
echo "pass in quick proto tcp from any to any port = 80 group i_global"
echo "pass in quick proto tcp from any to any port = 443 group i_global"
echo "# ssh be a bit more polite a send a rst to the client"
echo "block return-rst in quick proto tcp from 2001:620:600::0/48 to any port = 22 group i_global"
echo "block return-rst in quick proto tcp from fd69:620:600::0/48 to any port = 22 group i_global"
}
function usage()
{
pb "Usage: $0"
pb " disable-ndp: turn off stateless(ra), stateful(dhcp), tmpaddr (privacy)"
pb " enable-stateless-only: turn on stateless(ra). turn off stateful(dhcp) & tmpaddr (privacy)"
pb " off-to-ipv6-static: go from a disabled ipv6 to an activation of ipv6 static"
pb " doc-ipf6: get a documentation of how to modify ipf6.conf"
}
case $1 in
......@@ -382,6 +404,9 @@ case $1 in
off-to-ipv6-static)
off_to_static
;;
doc-ipf6)
doc_ipf6
;;
-h)
usage
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment