本帖最后由 gally16 于 2024-3-24 17:29 编辑
- k3刷的。梅林作为二级路由怎么开ipv6?主路由是有ipv6的
- 之前是听说passthrough可以,见图片
- Passthrough 、Native 都试试过了
复制代码
好的问题解决了。原帖https://post.smzdm.com/p/alpz5z98/
首先要做一些准备工作: 将路由器的 IPv6 设置为 passthrough。然后通过 ssh 登陆路由器,运行下面这行命令 你应该会看到有类似这样一行输出 - odhcp6c -df -R -s /tmp/dhcp6c -N try -c 000300010123d231c3a3 -r23 -r24 -r82 -r83 br0
复制代码
其中有一串字符 000300010123d231c3a3,这串字符是你的设备ID,记下来这串字符,稍后要用到。 然后关闭路由器的IPv6功能。复制下面这一大长串脚本到你的/jffs/scripts/wan-start脚本中,一定要记得把最后一行的设备ID替换成你在准备工作里面获取到的ID,保存!重启!你会发现路由器自己也获取到IPv6地址了,LAN里的设备也正常获取到了IPv6地址! https://ipw.cn/
- #!/bin/sh
- # IPv6 bridge
- ebtables -t broute -A BROUTING -i eth0 -p ! ipv6 -j DROP
- brctl addif br0 eth0
- # enable IPv6 on eth0
- echo 0 > /proc/sys/net/ipv6/conf/eth0/disable_ipv6
- echo 2 > /proc/sys/net/ipv6/conf/eth0/accept_dad
- echo 2 > /proc/sys/net/ipv6/conf/eth0/dad_transmits
- echo 1 > /proc/sys/net/ipv6/conf/eth0/accept_ra
- echo 0 > /proc/sys/net/ipv6/conf/eth0/forwarding
- # see lan.c config_ipv6
- echo 0 > /proc/sys/net/ipv6/conf/br0/disable_ipv6
- echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6
- echo 0 > /proc/sys/net/ipv6/conf/default/disable_ipv6
- echo 2 > /proc/sys/net/ipv6/conf/br0/accept_dad
- echo 2 > /proc/sys/net/ipv6/conf/br0/dad_transmits
- # set_default_accept_ra
- echo 1 > /proc/sys/net/ipv6/conf/all/accept_ra
- echo 1 > /proc/sys/net/ipv6/conf/default/accept_ra
- echo 0 > /proc/sys/net/ipv6/conf/all/forwarding
- # Allow router get IPv6 Address
- # When user disable IPv6, system will set ip6tables ALL policy to DROP
- # wait after that, then set our firewall
- sleep 10
- # set up firewall
- ip6tables -P INPUT ACCEPT
- ip6tables -P OUTPUT ACCEPT
- ip6tables -A OUTPUT -p tcp -j ACCEPT
- ip6tables -A OUTPUT -p udp -j ACCEPT
- # input rules
- ip6tables -A INPUT -p ipv6-crypt -j ACCEPT
- ip6tables -A INPUT -p ipv6-auth -j ACCEPT
- ip6tables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
- ip6tables -A INPUT -m state --state NEW -j ACCEPT
- ip6tables -A INPUT -m state --state INVALID -j DROP
- # allow DHCPv6
- ip6tables -A INPUT -p udp --sport 547 --dport 546 -j ACCEPT
- ip6tables -A INPUT -p udp --sport 500 --dport 500 -j ACCEPT
- ip6tables -A INPUT -p udp --sport 4500 --dport 4500 -j ACCEPT
- # allow ipv6-icmp related packet
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type router-solicitation -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type packet-too-big -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type time-exceeded -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type parameter-problem -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type echo-request -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type echo-reply -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 130 -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 131 -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 132 -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type router-solicitation -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type router-advertisement -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type neighbour-solicitation -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type neighbour-advertisement -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 141 -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 142 -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 143 -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 148 -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 149 -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 151 -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 152 -j ACCEPT
- ip6tables -A INPUT -p ipv6-icmp --icmpv6-type 153 -j ACCEPT
- ip6tables -A INPUT -j DROP
- # Start DHCPv6 for LAN on br0
- # In my enviroment, IPv6 address spwan from a DHCPv6 server
- odhcp6c -df -R -s /tmp/dhcp6c -N try -c 你的设备ID -r23 -r24 -r82 -r83 br0
复制代码
|