TIP: Click on subject to list as thread! ANSI
echo: ipv6
to: Tommi Koivula
from: Michiel van der Vlist
date: 2021-10-11 23:45:00
subject: UFW and he.net
Hello Tommi,

Monday October 11 2021 20:29, I wrote to you:

 MV> That outgoing IPv6 works does not automatically imply that it is open
 MV> for unsollicited incoming protocol 41 packets.

This is what I wrote 10 years ago in my Fidonews article titled "A second life for the linksys Part 1"

=== quote ===

If you get this result your tunnel is working. To enable incoming
pings however you need to open the firewall for protocol 41. Protocol
41 is the protocol used for 6in4 tunneling. The firewall of openwrt is
closed for all unsollicited incoming packets by default. Bij pinging
out over IPv6, the firewall is opened for protocol 41, and it can be
pinged from outside, but it closes again after a minute or two. Add
the following lines to /etc/config/firewall to keep the tunnel open
permanently:

[code]

# Accept proto 41 so it always reaches the tunnel endpoint

config  rule
        option  src     wan
        option  proto   41
        option  target  ACCEPT
[/code]


=== end quote ===



Cheers, Michiel

--- GoldED+/W32-MSVC 1.1.5-b20170303
* Origin: he.net certified sage (2:280/5555)
SOURCE: echomail via QWK@pharcyde.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.