Browse Source

More firewall settings

Bob Mottram 11 years ago
parent
commit
417bf366ab
1 changed files with 5 additions and 0 deletions
  1. 5
    0
      beaglebone.txt

+ 5
- 0
beaglebone.txt View File

@@ -507,6 +507,7 @@ iptables -F
507 507
 iptables -X
508 508
 
509 509
 # Drop any IPv6 traffic
510
+ip6tables -A INPUT -p icmp -j DROP
510 511
 ip6tables -A INPUT -p tcp -j DROP
511 512
 ip6tables -A INPUT -p udp -j DROP
512 513
 
@@ -615,8 +616,10 @@ iptables -A INPUT -p icmp -j DROP
615 616
 
616 617
 # Save the settings
617 618
 iptables-save > /etc/firewall.conf
619
+ip6tables-save > /etc/firewall6.conf
618 620
 echo '#!/bin/sh' > /etc/network/if-up.d/iptables
619 621
 echo 'iptables-restore < /etc/firewall.conf' >> /etc/network/if-up.d/iptables
622
+echo 'ip6tables-restore < /etc/firewall6.conf' >> /etc/network/if-up.d/iptables
620 623
 chmod +x /etc/network/if-up.d/iptables
621 624
 #+END_SRC
622 625
 
@@ -646,6 +649,8 @@ net.ipv4.conf.all.accept_source_route = 0
646 649
 net.ipv6.conf.all.accept_source_route = 0
647 650
 net.ipv4.conf.default.rp_filter=1
648 651
 net.ipv4.conf.all.rp_filter=1
652
+net.ipv4.ip_forward=0
653
+net.ipv6.conf.all.forwarding=0
649 654
 #+END_SRC
650 655
 
651 656
 And append the following: