Hi :~# cat /etc/shorewall/policy #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST lan all ACCEPT - $FW all ACCEPT - vpn lan ACCEPT - vpn $FW ACCEPT - *inet $FW DROP -* inet lan ACCEPT - all all ACCEPT -
root@816d1542-4549-1603-ed4b-f064baa63222:~# cat /etc/shorewall6/ cat: /etc/shorewall6/: Is a directory ~# cat /etc/shorewall6/policy #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST lan all ACCEPT - $FW all ACCEPT - vpn lan ACCEPT - vpn $FW ACCEPT - *inet6 $FW DROP info(ip_options,macdecode)* inet6 lan ACCEPT - all all ACCEPT - I have the above rules for shorewall and shorewall6. I am running dhcp and dhcpv6 server on vyos router in inet/inet6 zone, Even though i have a drop rule for packets from inet zone, dhcp interface is getting ipv4 address . But for ipv6 the advertise packets(packets from dhcpv6 server) are getting dropped by the firewall. Why is this happening? Any input will be helpful. Thanks, Nag
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users