[TriLUG] OpenWRT, IPv6 and Firewall

[Brian McCullough]

To the OpenWRT gurus, and anybody else who cares to comment:

I am in the process of converting my long line of custom-make OpenBSD
gateway machines to an off-the-shelf WiFi router with OpenWRT.

I successfully loaded OpenWRT into the box, and have been working on the
various necessary configuration, including installing the necessary IPv6
modules and programs.

I followed the instructions at tunnelbroker.net to create the new
tunnel interface and configured it, but have run into a bit of a
roadblock where the firewall is concerned.

I find that the OpenWRT GUI tool does not like IPv6, at least as far as
Forwarding rules, and so I need to go back to hand-crafting ip6tables
rules.

Incidentally, I have multiple machines on the LAN-side, providing
different services, HTTP, SMTP, SSH, etc., so need to have some
port-recognizing forwarding rules for both IP versions.

When I dumped the IPv4 rules that I had already entered, they seem to
all have explicit Source and Destination IP addresses.  I can understand
the Destination addresses, but is it necessary to have the Source
addresses in OpenWRT, or can I use Interfaces instead?


Finally, does anybody have an example of the necessary IPv6 rules for
this sort of OpenWRT installation that they could give me, or point me
to?


Thank you,
Brian