Technical data

4. Packages
PF6_INPUT_N This variable contains the number of IPv6-firewall rules for incoming packets
(INPUT-Chain). By default two rules are activated: the first allows all local hosts to
access the router on so-called link-level addresses, the second allows hosts from the first
defined IPv6-subnet to access the router.
If multiple local IPv6-subnets are defined, the second rule has to be cloned for each of
them accordingly. See the configuration file for details.
Example: PF6_INPUT_N='2'
PF6_INPUT_x This variable specifies a rule for the INPUT-chain of the IPv6-firewall.
For a detailed description see the documentation of PF_INPUT_x.
Differences regarding the IPv4-firewall:
IPV6_NET_x has to be used instead of IP_NET_x.
IPV6_ROUTE_x has to be used instead of IP_ROUTE_x.
IPv6-addresses must be enclosed in square brackets (including the network mask, if
present).
All IPv6 address strings (including IP_NET_x etc.) must be enclosed in square brackets
if a port or a port range follows.
Examples:
PF6_INPUT_1='[fe80::0/10] ACCEPT'
PF6_INPUT_2='IPV6_NET_1 ACCEPT'
PF6_INPUT_3='tmpl:samba DROP NOLOG'
PF6_INPUT_x_COMMENT This variable holds a description or a comment for the input
rule it belongs to.
Example: PF6_INPUT_3_COMMENT='no samba traffic allowed'
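The following Python check is an added example, not part of the fli4l documentation or its tooling. It applies the differences listed above to the PF6_INPUT_* lines of a configuration: IPv4 symbols used in an IPv6 rule, IPv6 addresses written without square brackets, and rule numbers that do not match PF6_INPUT_N. The function names and the sample configuration are constructed for illustration, and flagging rules numbered above PF6_INPUT_N is this example's own consistency check.

```python
import re

# Matches PF6_INPUT_N='..' and PF6_INPUT_<number>='..' but not PF6_INPUT_x_COMMENT.
ASSIGN = re.compile(r"^\s*PF6_INPUT_(\d+|N)='([^']*)'", re.M)
# IPv4 symbols that must not appear in an IPv6 rule.
V4_SYMBOL = re.compile(r"(?<![A-Z0-9_])IP_(?:NET|ROUTE)_\d+")

def has_bare_ipv6(rule):
    """True if a whitespace-separated token holds an IPv6 literal outside [...]."""
    for token in rule.split():
        rest = re.sub(r"\[[^\]]*\]", "", token)   # drop correctly bracketed parts
        if rest.count(":") >= 2 and re.fullmatch(r"[0-9A-Fa-f:./]+", rest):
            return True
    return False

def lint(config_text):
    """Return a list of findings for the PF6_INPUT_* settings in config_text."""
    entries = dict(ASSIGN.findall(config_text))
    if "N" not in entries or not entries["N"].isdigit():
        return ["PF6_INPUT_N: missing or not a number"]
    n = int(entries.pop("N"))
    rules = {int(k): v for k, v in entries.items()}
    findings = []
    for i in range(1, n + 1):
        if i not in rules:
            findings.append(f"PF6_INPUT_{i}: counted by PF6_INPUT_N but not defined")
    for i, rule in sorted(rules.items()):
        if i > n:
            findings.append(f"PF6_INPUT_{i}: outside the count in PF6_INPUT_N")
        if V4_SYMBOL.search(rule):
            findings.append(f"PF6_INPUT_{i}: IPv4 symbol, use IPV6_NET_x/IPV6_ROUTE_x")
        if has_bare_ipv6(rule):
            findings.append(f"PF6_INPUT_{i}: IPv6 address not in square brackets")
    return findings

# Constructed sample configuration with three deliberate mistakes.
SAMPLE = """\
PF6_INPUT_N='3'
PF6_INPUT_1='[fe80::0/10] ACCEPT'
PF6_INPUT_2='IP_NET_1 ACCEPT'
PF6_INPUT_3='2001:db8:1::/64 ACCEPT'
PF6_INPUT_3_COMMENT='second local subnet'
PF6_INPUT_4='tmpl:samba DROP NOLOG'
"""

if __name__ == "__main__":
    print("\n".join(lint(SAMPLE)))
```

In the sample, the samba DROP rule is numbered 4 while PF6_INPUT_N is 3, so the check reports it alongside the IPv4 symbol in rule 2 and the unbracketed subnet in rule 3.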
PF6_FORWARD_POLICY This variable sets the default policy for packets to be forwarded
by the router (FORWARD-Chain). Possible values are “REJECT” (default, rejects all
packets), “DROP” (ignores all packets without further notice) and “ACCEPT” (accepts
all packets). For a detailed description see the documentation of PF_FORWARD_POLICY.
Default setting: PF6_FORWARD_POLICY='REJECT'
PF6_FORWARD_ACCEPT_DEF This variable activates the predefined rules for the
FORWARD-chain of the IPv6-firewall. Possible values are “yes” and “no”.
The predefined rules open the firewall for outgoing ICMPv6-pings (one ping per second
as a limit). Response packets to already allowed connections will also be allowed.
Default setting: PF6_FORWARD_ACCEPT_DEF='yes'
PF6_FORWARD_LOG This variable activates logging of all rejected forwarding packets.
Possible values are “yes” and “no”. For a detailed description see the documentation
of PF_FORWARD_LOG.
Default setting: PF6_FORWARD_LOG='no'