[CentOS] ip6tables on C7

Fri Oct 26 18:33:10 UTC 2018
Gordon Messmer <gordon.messmer at gmail.com>

On 10/26/18 10:19 AM, mark wrote:
> I think y'all misunderstood me - I just want to say "turn off", run my
> script to test it, and turn it back on.

I think we understood what you meant, but firewalld doesn't offer a 
mechanism to turn off only ipv6 rules that I'm aware of.  So you'd need 
to use ip6tables directly, clear the rules, and then reload firewalld 
when you wanted to re-enable them.

> However, I found out something: iptables -L gives the rules,
> also....*only* for IPv4; ip6tables -L does the same for only 6. And it
> does look as though by shutting down ip6tables, it did turn them off -

I'm assuming that you mean "systemctl disable ip6tables" which work if 
you have the iptables init scripts installed.  They normally aren't.  
The advice offered will work on a default installation.