Posted: Sat Sep 12, 2015 16:50 Post subject: Address Restrictions don't seem to block IPv6 sites
I have setup access restrictions to keep certain devices off the internet at night and everything works great as long as IPv6 is disabled. When I enable IPv6 and browse to an IPv6 device on one of the blocked devices I can still access the page without any restriction. Has anyone else run into this or am I not doing something right?
I am currently running:
Router Model: Asus RT-AC56U
Firmware Version: DD-WRT v3.0-r27805 std (09/11/15)
Kernel Version: Linux 3.10.87 #4602 SMP Thu Sep 10 06:28:14 CEST 2015 armv7l
I have the same issue, on a Linksys Archer C7 v2 running v3.0-r30949 std (12/15/16). Access restrictions set to block all access are only blocking ipv4 traffic. I can still connect to, for example, google and youtube because they resolve to ipv6 addresses.
Does anyone know if there is a way to enable ipv6 on the router but disable it per device (based on MAC address or something)?
I managed to answer my own question. By running this ip6tables command for each MAC address (and saving them to my firewall script in Administration->Commands) I'm able to disable ipv6 traffic to the devices I want to apply access restrictions to:
Code:
ip6tables -I INPUT -m mac --mac-source MAC:ADDRESS:HERE -j DROP
Visiting a site like ipv6-test.com from those devices show that only ipv4 traffic is working, which means access restrictions work as expected again.