ip6tables -I INPUT 3 -s $pdprefix::/$prefixsize -j ACCEPT
---- End
This script inserts a rule permitting my subnet to get out
yes, around 7-8 dependant files needed for ip6tables..i downloaded those manually also..kind of a pain, but necessary to install..
i pasted in bascom's script, but ip6tables blocked my testip6.com...0/10..
Ip -6 route show should give you a better idea why
Fairly sure the ppp0 needs to be changed to vlan2. Like I said in my previous post I had the same issue needed to add a line to iptables allowing subnet as source
ip6tables -I INPUT 3 -s $pdprefix::/$prefixsize -j ACCEPT
---- End
This script inserts a rule permitting my subnet to get out
yes, around 7-8 dependant files needed for ip6tables..i downloaded those manually also..kind of a pain, but necessary to install..
i pasted in bascom's script, but ip6tables blocked my testip6.com...0/10..
Ip -6 route show should give you a better idea why
Fairly sure the ppp0 needs to be changed to vlan2. Like I said in my previous post I had the same issue needed to add a line to iptables allowing subnet as source
Ip6tables -vnL
i had pm'd Bas..he said to just remove the pppoe part.. it works now...thx Bascom!!! _________________ NETGEAR R9000 | RT | 40134 NETGEAR R7800 | AP | 40134
Joined: 25 Dec 2010 Posts: 295 Location: Twin Cities, MN
Posted: Mon Apr 07, 2014 15:38 Post subject:
BasCom wrote:
dont forget about all this: access restrictions on websites wont work, if you reach them via ipv6
example: blocking facebook through "www.facebook.com" does only work on ipv4 connectivity. just my two cents.
would be nice if ipv6 restrictions would be added by dev´s
Bas, just curious..do u run rdisc6 with your wide-dhcpv6 install? Just wondering if its needed? _________________ NETGEAR R9000 | RT | 40134 NETGEAR R7800 | AP | 40134
root@fw1:~# ipkg update
Downloading http://www.desipro.de/bcm53xx/packages/Packages ...
Connecting to www.desipro.de (82.165.77.220:80)
Packages 100% |******************************************************| 222k 0:00:00 ETA
Done.
Updated list of available packages in /jffs/usr/lib/ipkg/lists/kongarm
root@fw1:~# ipkg -force-depends install opkg
Downloading http://www.desipro.de/bcm53xx/packages/libgcc_4.6-linaro-1_bcm53xx.ipk ...
Connecting to www.desipro.de (82.165.77.220:80)
libgcc_4.6-linaro-1_ 100% |******************************************************| 20387 0:00:00 ETA
Done.
Unpacking libgcc...Done.
Configuring libgcc...Done.
Downloading http://www.desipro.de/bcm53xx/packages/libc_0.9.33.2-1_bcm53xx.ipk ...
Connecting to www.desipro.de (82.165.77.220:80)
libc_0.9.33.2-1_bcm5 100% |******************************************************| 236k 0:00:00 ETA
Done.
ipkg_install_file: Warning: libc depends on the following uninstalled programs: libgcc
Unpacking libc...Done.
Configuring libc...Done.
Downloading http://www.desipro.de/bcm53xx/packages/opkg_9c97d5ecd795709c8584e972bfdf3aee3a5b846d-6_bcm53xx.ipk ...
Connecting to www.desipro.de (82.165.77.220:80)
opkg_9c97d5ecd795709 100% |******************************************************| 56002 0:00:00 ETA
Done.
ipkg_install_file: Warning: opkg depends on the following uninstalled programs: libc libgcc
Unpacking opkg...Done.
Configuring opkg...Done.
root@fw1:~# opkg install wide-dhcpv6-client
Installing wide-dhcpv6-client (20080615-11) to root...
Downloading http://www.desipro.de/bcm53xx/packages/wide-dhcpv6-client_20080615-11_bcm53xx.ipk.
Collected errors:
* satisfy_dependencies_for: Cannot satisfy the following dependencies for wide-dhcpv6-client:
* kernel (= 3.10.24-1-88195fd7c4e81d344be404da9a6ba099) *
* opkg_install_cmd: Cannot install package wide-dhcpv6-client.
1. Get a reverse DNS record
There is no reverse DNS record to associate your IPv6 address with a host name. Reverse DNS records are required by some Internet protocols and are usually managed at the ISP level.
Okay, I've followed Nitrus's instructions above. However, I have some questions.
1. All okay up to manually trying the four insmod's:
root@DD-WRT:/jffs# insmod nf_defrag_ipv6
insmod: cannot insert '/lib/modules/3.10.33/kernel/net/ipv6/netfilter/nf_defrag_ipv6.ko': unknown symbol in module
root@DD-WRT:/jffs# insmod ip6_tables.ko
root@DD-WRT:/jffs# insmod nf_conntrack_ipv6.ko
insmod: cannot insert '/lib/modules/3.10.33/kernel/net/ipv6/netfilter/nf_conntrack_ipv6.ko': unknown symbol in module
root@DD-WRT:/jffs# insmod ip6table_filter.ko
root@DD-WRT:/jffs#
As you can see, I got a couple of errors above. I'm wondering if this is an ordering problem...wondering what the order should be to make this work? Or what I can do to make the 2 non-working insmod's work correctly?
2. For this step, step 5:
5-make sure to add these to router startup scripts:
/jffs/etc/config/dhcp6c.wanup
/jffs/etc/config/rdisc6.wanup
/jffs/etc/config/load-ipv6.sh
what router startup scripts do I add them to, and where are those scripts? Do I create them, or are they already there? Where do I put them if I create them...seems like they'd have to be in /jffs if I'm to create them, since this is about the only writeable file system I have?
Kind of a newbie at doing this in dd-wrt, as you can see, and could really use some help with this.
Joined: 25 Dec 2010 Posts: 295 Location: Twin Cities, MN
Posted: Wed May 07, 2014 12:07 Post subject:
MrDoh wrote:
Okay, I've followed Nitrus's instructions above. However, I have some questions.
1. All okay up to manually trying the four insmod's:
root@DD-WRT:/jffs# insmod nf_defrag_ipv6
insmod: cannot insert '/lib/modules/3.10.33/kernel/net/ipv6/netfilter/nf_defrag_ipv6.ko': unknown symbol in module
root@DD-WRT:/jffs# insmod ip6_tables.ko
root@DD-WRT:/jffs# insmod nf_conntrack_ipv6.ko
insmod: cannot insert '/lib/modules/3.10.33/kernel/net/ipv6/netfilter/nf_conntrack_ipv6.ko': unknown symbol in module
root@DD-WRT:/jffs# insmod ip6table_filter.ko
root@DD-WRT:/jffs#
As you can see, I got a couple of errors above. I'm wondering if this is an ordering problem...wondering what the order should be to make this work? Or what I can do to make the 2 non-working insmod's work correctly?
2. For this step, step 5:
5-make sure to add these to router startup scripts:
/jffs/etc/config/dhcp6c.wanup
/jffs/etc/config/rdisc6.wanup
/jffs/etc/config/load-ipv6.sh
what router startup scripts do I add them to, and where are those scripts? Do I create them, or are they already there? Where do I put them if I create them...seems like they'd have to be in /jffs if I'm to create them, since this is about the only writeable file system I have?
Kind of a newbie at doing this in dd-wrt, as you can see, and could really use some help with this.
Thanks very much!
1-those commands are saved in loadipv6.sh script in step 4 of instructions..
2-you should have created those scripts, and put them in the directories noted in instructions...then you can copy/paste step 5 to your router..
router-login/administration/commands/save startup
pm me if u get stuck...i will see if i can help.. _________________ NETGEAR R9000 | RT | 40134 NETGEAR R7800 | AP | 40134
Joined: 13 Mar 2014 Posts: 856 Location: Montreal, QC
Posted: Wed May 07, 2014 16:35 Post subject:
Did you enable ipv6 prior to running those commands?
Personally when I do a fresh install I enable ipv6 and radvd then reboot the router. I the run lsmod to make sure ipv6 has been loaded. I then turn off radvd from the webif and have it started by my scripts on future reboots.
1-those commands are saved in loadipv6.sh script in step 4 of instructions..
2-you should have created those scripts, and put them in the directories noted in instructions...then you can copy/paste step 5 to your router..
router-login/administration/commands/save startup
pm me if u get stuck...i will see if i can help..
1-Well, seems to me that I should be able to run those insmod commands outside of the script. Another poster brought up the detail about whether IPv6 was enabled at the time, I don't remember that detail. I did enable IPv6 so that I could put radvd contents in the linked document into the radvd.conf file, but I'm not sure if that was before or after enabling IPv6 via "Apply", I may only have saved it at that time.
Anyways, it's the same kernel that the modules are being linked with, and the same set of other linked modules, so it seems to me that the insmod's should work anytime, if they're going to work at boot time.
2-Thanks, I'd forgotten about the ability to save startup commands in the web interface...the last router that I did this with didn't have that, you had to create the startup files under /jffs/scripts. However, dd-wrt does have that nice facility for saving startup commands, so I'll use it for this.
Got my fingers crossed that having IPv6 enabled when I do the insmod's is the problem.