Forked from mskutta/EdgeRouter_IPv6_Commands_for_Comcast.txt
Created
January 24, 2020 17:28
-
-
Save Dianoga/82c4676b4b3c894db16d73c6498b5244 to your computer and use it in GitHub Desktop.
EdgeRouter IPv6 Commands for Comcast
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
configure | |
# Configure Firewall | |
set firewall ipv6-name IPV6WAN_IN description 'IPV6WAN to internal' | |
set firewall ipv6-name IPV6WAN_IN default-action drop | |
set firewall ipv6-name IPV6WAN_IN rule 10 action accept | |
set firewall ipv6-name IPV6WAN_IN rule 10 state established enable | |
set firewall ipv6-name IPV6WAN_IN rule 10 state related enable | |
set firewall ipv6-name IPV6WAN_IN rule 10 log disable | |
set firewall ipv6-name IPV6WAN_IN rule 10 description 'Allow established/related' | |
set firewall ipv6-name IPV6WAN_IN rule 20 action drop | |
set firewall ipv6-name IPV6WAN_IN rule 20 state invalid enable | |
set firewall ipv6-name IPV6WAN_IN rule 20 description 'Drop invalid state' | |
set firewall ipv6-name IPV6WAN_IN rule 30 action accept | |
set firewall ipv6-name IPV6WAN_IN rule 30 description 'Allow ICMPv6' | |
set firewall ipv6-name IPV6WAN_IN rule 30 log disable | |
set firewall ipv6-name IPV6WAN_IN rule 30 protocol icmpv6 | |
set interfaces ethernet eth0 firewall in ipv6-name IPV6WAN_IN | |
commit | |
save | |
# Enable IPv6 https://techsmix.net/ubiquti-edgemax-lite/ | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 prefix-length 60 | |
set interfaces ethernet eth0 dhcpv6-pd rapid-commit enable | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth1 | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth1 host-address ::1 | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth1 prefix-id :1 | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth1 service slaac | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth2 | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth2 host-address ::1 | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth2 prefix-id :2 | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth2 service slaac | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth3 | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth3 host-address ::1 | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth3 prefix-id :3 | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth3 service slaac | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth4 | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth4 host-address ::1 | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth4 prefix-id :4 | |
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth4 service slaac | |
set interfaces ethernet eth1 ipv6 router-advert prefix ::/64 | |
set interfaces ethernet eth2 ipv6 router-advert prefix ::/64 | |
set interfaces ethernet eth3 ipv6 router-advert prefix ::/64 | |
set interfaces ethernet eth4 ipv6 router-advert prefix ::/64 | |
commit | |
save | |
# Open Firewall | |
set firewall ipv6-name IPV6WAN_IN rule 50 action accept | |
set firewall ipv6-name IPV6WAN_IN rule 50 description 'monitor.axis' | |
set firewall ipv6-name IPV6WAN_IN rule 50 protocol tcp | |
set firewall ipv6-name IPV6WAN_IN rule 50 destination port 80,443 | |
set firewall ipv6-name IPV6WAN_IN rule 50 destination address 2601:581:8301:5773:240:8cff:feba:45b1 | |
set firewall ipv6-name IPV6WAN_IN rule 50 log disable | |
commit | |
save | |
exit | |
show interfaces |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment