直接关闭防火墙
ip6tables -F ip6tables -X ip6tables -P INPUT ACCEPT ip6tables -P OUTPUT ACCEPT ip6tables -P FORWARD ACCEPT
这种方法是关闭全部IPV6防火墙,但是并不安全~
- 暴露路由器下端所有IPV6设备的指定端口
ip6tables -I forwarding_rule -p tcp --dport 1234 -j ACCEPT
ip6tables -I forwarding_rule -p tcp --dport 5678 -j ACCEPT
以上命令会在重启后失效,需要设置开机命令,达到持久化的效果:
方法一:配置自启动脚本
vi /etc/rc.local
# Put your custom commands here that should be executed once
# the system init finished. By default this file does nothing.
ip6tables -I forwarding_rule -p tcp --dport 1234 -j ACCEPT
ip6tables -I forwarding_rule -p tcp --dport 5678 -j ACCEPT
exit 0
方法二:添加定时
crontab -e
*/5 * * * * ip6tables -L | grep "tcp dpt:ssh"; [ $? != 0 ] && echo "add port" && ip6tables -I forwarding_rule -p tcp --dport 22 -j ACCEPT
*/5 * * * * ip6tables -L | grep "tcp dpt:1234"; [ $? != 0 ] && echo "add port" && ip6tables -I forwarding_rule -p tcp --dport 1234 -j ACCEPT
*/5 * * * * ip6tables -L | grep "tcp dpt:5678"; [ $? != 0 ] && echo "add port" && ip6tables -I forwarding_rule -p tcp --dport 5678 -j ACCEPT