SRFirewall/etc/ipv6.conf

# IPv4 Specific Configuration File
#

# Allow everything over loopback (lo ::1/28)
# Good idea to keep this turned on, but if you so wish to,
# you can disable it here.
# Values: no | yes (default)
AllowAllv6Loopback="yes"

# Very early on rules to allow for trusted machines to access
# this machine.  Rather important and helps keep you from getting
# locked out should the firewalling rules go bad.
#
# IMPORTANT:  Hosts put in the trusted file will have complete
# and unfettered access to the host, ignoring all other rules.
#
# Config file: ipv6/trusted.conf
# Values: no | yes (default)
EnableTrustedv6Hosts="yes"

# Enable MSS clamping to work around MTU size issues
# on network links such as PPPoE and wireless
# Config file: ipv6/mss-clamp.conf
# Values: no | yes (default)
Enablev6MSSClamp="yes"

# Use /etc/resolv.conf as source for DNS servers that we communicate
# with as a client.  If you turn this off (recommended if on static IP),
# then you will need to manually define the DNS servers you use.
# Without conntrack rules allowing established/related, DNS traffic may
# be blocked and cause issues.
# Values: no | yes (default)
DNSClientUsev6ResolvConf="yes"
ResolvConfv6File="/etc/resolv.conf"

# Uncomment below if you set above to no.  You can still manually define your servers
# here if you want.  Useful at times.
# Values: space separated IP list of DNS servers
#DNSClientManualv6Servers=""

# Enable the EasyBlock access list
# This is a simple/easy way to block traffic in or out,
# no complex options.  Use the Filter options for more
# complex ACLs
# Config file: ipv6/easyblock.conf
# Values: no | yes (default)
Enablev6EasyBlock="yes"
Gotta love it when you have dos/win line endings unintentionally 2014-03-29 10:57:08 -06:00			`# IPv4 Specific Configuration File`
2014-03-30 10:16:22 -06:00			`#`

			`# Allow everything over loopback (lo ::1/28)`
			`# Good idea to keep this turned on, but if you so wish to,`
			`# you can disable it here.`
2014-03-30 10:40:28 -06:00			`# Values: no \| yes (default)`
2014-03-30 10:53:31 -06:00			`AllowAllv6Loopback="yes"`

			`# Very early on rules to allow for trusted machines to access`
			`# this machine. Rather important and helps keep you from getting`
			`# locked out should the firewalling rules go bad.`
			`#`
			`# IMPORTANT: Hosts put in the trusted file will have complete`
			`# and unfettered access to the host, ignoring all other rules.`
			`#`
Some cleaner operations in functions, added some debugging info 2014-03-30 12:18:26 -06:00			`# Config file: ipv6/trusted.conf`
2014-03-30 10:53:31 -06:00			`# Values: no \| yes (default)`
Some cleaner operations in functions, added some debugging info 2014-03-30 12:18:26 -06:00			`EnableTrustedv6Hosts="yes"`

			`# Enable MSS clamping to work around MTU size issues`
			`# on network links such as PPPoE and wireless`
			`# Config file: ipv6/mss-clamp.conf`
2014-03-30 13:18:45 -06:00			`# Values: no \| yes (default)`
			`Enablev6MSSClamp="yes"`

			`# Use /etc/resolv.conf as source for DNS servers that we communicate`
			`# with as a client. If you turn this off (recommended if on static IP),`
			`# then you will need to manually define the DNS servers you use.`
			`# Without conntrack rules allowing established/related, DNS traffic may`
			`# be blocked and cause issues.`
			`# Values: no \| yes (default)`
			`DNSClientUsev6ResolvConf="yes"`
			`ResolvConfv6File="/etc/resolv.conf"`

2014-03-30 13:36:55 -06:00			`# Uncomment below if you set above to no. You can still manually define your servers`
			`# here if you want. Useful at times.`
			`# Values: space separated IP list of DNS servers`
2014-03-31 17:37:38 -06:00			`#DNSClientManualv6Servers=""`

			`# Enable the EasyBlock access list`
			`# This is a simple/easy way to block traffic in or out,`
			`# no complex options. Use the Filter options for more`
			`# complex ACLs`
			`# Config file: ipv6/easyblock.conf`
			`# Values: no \| yes (default)`
			`Enablev6EasyBlock="yes"`