Skip to content

Commit e92adc1

Browse files
yorickdowneyorickdowne
committed
IPv6 instructions ufw
1 parent 620ba2d commit e92adc1

1 file changed

Lines changed: 7 additions & 7 deletions

File tree

website/docs/Support/Cloud.md

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@ COMMIT
4444
```
4545

4646
Note this deliberately keeps ufw rules from influencing any traffic sourced from the standard Docker private IP ranges.
47-
This may *not* be what you need, in which case just remove those seven lines, and be sure to allow needed
47+
This may *not* be what you need, in which case just remove those five lines, and be sure to allow needed
4848
container traffic through explicit ufw rules, if you are blocking a port.
4949

5050
### 2) Edit after6.rules:
@@ -53,21 +53,21 @@ container traffic through explicit ufw rules, if you are blocking a port.
5353

5454
```
5555
*filter
56-
:ufw-user-input - [0:0]
56+
:ufw6-user-input - [0:0]
5757
:DOCKER-USER - [0:0]
5858
5959
# ufw in front of docker while allowing all inter-container traffic
6060
-A DOCKER-USER -s fe80::/10 -j RETURN
6161
-A DOCKER-USER -s fd00::/8 -j RETURN
6262
63-
-A DOCKER-USER -j ufw-user-input
63+
-A DOCKER-USER -j ufw6-user-input
6464
-A DOCKER-USER -j RETURN
6565
6666
COMMIT
6767
```
6868

6969
Note this deliberately keeps ufw rules from influencing any traffic sourced from the standard Docker ULA IPv6 ranges.
70-
This may *not* be what you need, in which case just remove those seven lines, and be sure to allow needed
70+
This may *not* be what you need, in which case just remove those two lines, and be sure to allow needed
7171
container traffic through explicit ufw rules, if you are blocking a port.
7272

7373
### 3) Edit before.init
@@ -82,14 +82,14 @@ stop)
8282
iptables -X ufw-user-input || true
8383
ip6tables -F DOCKER-USER || true
8484
ip6tables -A DOCKER-USER -j RETURN || true
85-
ip6tables -X ufw-user-input || true
85+
ip6tables -X ufw6-user-input || true
8686
;;
8787
```
8888

8989
Then, make it executable: `sudo chmod 750 /etc/ufw/before.init`
9090

91-
Dropping `ufw-user-input` through `before.init` is a required step. Without it, ufw cannot be reloaded, it would display an error message
92-
stating "ERROR: Could not load logging rules".
91+
Dropping `ufw-user-input` and `ufw6-user-input` through `before.init` is a required step. Without it, ufw cannot be reloaded,
92+
it would display an error message stating "ERROR: Could not load logging rules".
9393

9494
### 4) Reload ufw
9595

0 commit comments

Comments
 (0)