[root@localhost ~]# /sbin/ip6tables -L -n -v
Chain INPUT (policy ACCEPT 24 packets, 2094 bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all pptp+ * ::/0 ::/0
0 0 ACCEPT all tun+ * ::/0 ::/0
0 0 ACCEPT all * pptp+ ::/0 ::/0 state RELATED,ESTABLISHED
0 0 ACCEPT all * tun+ ::/0 ::/0 state RELATED,ESTABLISHED

Chain OUTPUT (policy ACCEPT 59 packets, 4670 bytes)
pkts bytes target prot opt in out source destination

Chain DROP-lan (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all * * ::/0 ::/0

[root@localhost ~]# ifconfig
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.56.101 netmask 255.255.255.0 broadcast 192.168.56.255
inet6 fe80::a00:27ff:fe1e:4245 prefixlen 64 scopeid 0x20<link>
ether 08:00:27:1e:42:45 txqueuelen 1000 (Ethernet)
RX packets 94 bytes 24209 (23.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 51 bytes 8141 (7.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

ClearOS 7 - custom firewall rules and default ruleset for IPv6

Hello,

I've just upgraded to ClearOS 7 and I'm trying to implement some custom firewall rules using iptables directly. I don't want to use firewalld.

On ClearOS 6 we could add rules in this way to /etc/clearos/firewall.d/local. Is there an equivalent file in ClearOS 7?

Also, I noticed after installing ClearOS 7 community that IPv6 was enabled on the system yet there were no rules in place to prevent IPv6 traffic to the system? This seems like an oversight to me. I'd expect at least a INPUT and FORWARD policy configuration to disallow traffic.

Can anyone provide some insight on how I might be able to implement custom firewall rules using the classic iptables syntax in ClearOS 7?

Thanks,

Bob