On 10/26/18 10:19 AM, mark wrote: > I think y'all misunderstood me - I just want to say "turn off", run my > script to test it, and turn it back on. I think we understood what you meant, but firewalld doesn't offer a mechanism to turn off only ipv6 rules that I'm aware of. So you'd need to use ip6tables directly, clear the rules, and then reload firewalld when you wanted to re-enable them. > However, I found out something: iptables -L gives the rules, > also....*only* for IPv4; ip6tables -L does the same for only 6. And it > does look as though by shutting down ip6tables, it did turn them off - I'm assuming that you mean "systemctl disable ip6tables" which work if you have the iptables init scripts installed. They normally aren't. The advice offered will work on a default installation.