File tree 3 files changed +244
-155
lines changed
3 files changed +244
-155
lines changed Original file line number Diff line number Diff line change @@ -114,7 +114,7 @@ extend:
114114Using iptables.nat
115115==================
116116
117- You can use nat for interface.
117+ You can use nat for interface. This is supported for IPv4 alone. IPv6 deployments should not use NAT.
118118
119119` ` ` yaml
120120 #Support nat
@@ -126,3 +126,30 @@ You can use nat for interface.
126126 '192.168.18.0/24':
127127 - 10.20.0.2
128128` ` `
129+
130+ IPv6 Support
131+ ============
132+
133+ This formula supports IPv6 as long as it is activated with the option :
134+
135+ ` ` `
136+ firewall:
137+ ipv6: True
138+ ` ` `
139+
140+ Services and whitelists are supported under the sections `services_ipv6` and `whitelist_ipv6`, as below :
141+
142+ ` ` `
143+ services_ipv6:
144+ ssh:
145+ block_nomatch: False
146+ ips_allow:
147+ - 2a02:2028:773:d01:10a5:f34f:e7ff:f55b/64
148+ - 2a02:2028:773:d01:1814:28ef:e91b:70b8/64
149+ whitelist_ipv6:
150+ networks:
151+ ips_allow:
152+ - 2a02:2028:773:d01:1814:28ef:e91b:70b8/64
153+ ` ` `
154+
155+ These sections are only processed if the ipv6 support is activated.
You can’t perform that action at this time.
0 commit comments