ip6tables with hostname destination

Post new topic   Reply to topic    DD-WRT Forum Index -> ARM or PPC based Hardware
Author Message
arcanemagick
DD-WRT Novice


Joined: 08 Jan 2016
Posts: 5

PostPosted: Fri Jan 08, 2016 7:40    Post subject: ip6tables with hostname destination Reply with quote
I am wondering if anyone can help with this ip6tables issue. I am running DD-WRT on the R7000 and trying to block all connections from my network to one or more hosts. For example, suppose I hate Yahoo! and don't want anything connecting to www.yahoo.com. The following iptables command seems to work fine for IPv4 traffic:

Code:
iptables -I FORWARD 1 -d www.yahoo.com -j DROP


However, to similarly block IPv6 traffic, I've tried doing the same with ip6tables:

Code:
ip6tables -I FORWARD 1 -d www.yahoo.com -j DROP


The above ip6tables command results in the error message:
Quote:
ip6tables v1.3.7: host/network `www.yahoo.com' not found


Both iptables and ip6tables seem to work fine if I use nslookup and specify the IPv4 and IPv6 addresses respectively instead of a hostname. Is there any way to get ip6tables to resolve a hostname like iptables does?

Thanks!

(Edited to correct/clarify that I mean "host" name and not "domain" name.)
Sponsor
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6856
Location: Romerike, Norway

PostPosted: Thu Feb 04, 2016 21:52    Post subject: Reply with quote
Working here, build 29002
arcanemagick
DD-WRT Novice


Joined: 08 Jan 2016
Posts: 5

PostPosted: Sun Feb 28, 2016 22:45    Post subject: Reply with quote
Thanks for the reply. I was using build 27775. I just updated to build 29165 and it appears to be working now! Smile
arcanemagick
DD-WRT Novice


Joined: 08 Jan 2016
Posts: 5

PostPosted: Sun Mar 06, 2016 11:08    Post subject: Reply with quote
Turns out after updating to build 29165, the router fails to get an IPv6 address from my ISP (TWC) using DHCPv6 w/ Prefix Delegation. I've also tried build 29200. Upon reverting back to 27775, the DHCPv6 works again.

So now I have to figure that one out because ip6tables does me no good if DHCPv6 is failing. Mad


Last edited by arcanemagick on Mon Mar 07, 2016 1:04; edited 2 times in total
arcanemagick
DD-WRT Novice


Joined: 08 Jan 2016
Posts: 5

PostPosted: Sun Mar 06, 2016 11:21    Post subject: Reply with quote
Just noticed that I somehow managed to post this under ARM/PPC when I'm actually using a Broadcom device. Embarassed So I'll make any further posts under Broadcom in case my issues with the latest firmware builds is specific to the R7000. Thanks!
flaminmoses
DD-WRT Novice


Joined: 12 May 2013
Posts: 11

PostPosted: Mon Mar 20, 2017 15:18    Post subject: Reply with quote
Code:
iptables -I FORWARD 1 -d xxx.xxx.xxx.*** -j DROP

is this possible too?
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6856
Location: Romerike, Norway

PostPosted: Sat Oct 14, 2017 20:51    Post subject: Reply with quote
Use a CIDR notation 192.168.1.0/24
EthanThompson
DD-WRT Novice


Joined: 17 Nov 2017
Posts: 3

PostPosted: Mon Nov 20, 2017 9:44    Post subject: Reply with quote
Hi.
That's right, use a CIDR notation.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> ARM or PPC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum