jeremy ardley <[email protected]> writes: > On 9/2/23 17:13, Anssi Saari wrote: >> If forwarding is not enabled, then the LAN IPv6 hosts are just as >> isolated from incoming traffic from the internet as hosts behind NAT. >> > If you don't have IPv6 forwarding on the router then none of your > internal hosts will be able to communicate on IPv6 beyond your > router.
> with ip6tables it's dead easy to block unsolicited connections yet > still allow outgoing and incoming related/established traffic. Which is exactly what I mean. Those rules go in the forward chain hence I call it forwarding. I know there's the other forwarding too on the kernel level but it's not really relevant for the reason you gave.
