with ipv6, you just allow the specific ports destined to the specific local machine(s) in on your WAN side, they don't need translating. same sort of rule as if you had a internet-facing service running on the routing system On Tue, May 26, 2020 at 11:55 AM Kenneth Porter <shiva at sewingwitch.com> wrote: > I finally got an ISP connection with working IPv6 and now I need to add > firewall rules for forwarding connections from my LAN to the WAN. I'm > using > firewalld to handle the high-level description that gets translated to > iptables/ip6tables on CentOS 7. > > Of course, with IPv6, one doesn't do NAT, so the usual masquerade target > doesn't make sense. But I want similar connection logic, with no inbound > connections allowed to LAN clients and all outbound connections allowed. > How does one express this in either firewalld or its ip6tables "direct > rules"? > > I don't currently need port-forwarding to internal servers but, for > completeness, what would such rules look like? > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos > -- -john r pierce recycling used bits in santa cruz