On Fri, Apr 21, 2023 at 11:14 AM Per Jessen <per@opensuse.org> wrote:
Andrei Borzenkov wrote:
On Fri, Apr 21, 2023 at 10:52 AM Per Jessen <per@opensuse.org> wrote:
Carlos E. R. wrote:
I'm asking how to block external internet in openSUSE, using SuSEfirewall2 or firewalld. On each computer.
ip6tables -A INPUT -p all -s yourpref/64 -j ACCEPT
What is not clear in "prefix will change every day"?
Andrei, that is very clear, but that's a hurdle Carlos will somehow have to live with / work around. Reload the firewall when the address changes ?
Do you have any practical suggestions on how it can be automated? And more importantly, do you have any idea how it can be done *before* prefix change, as otherwise you have a window where the firewall is configured for the old prefix which may have already been reused for some other customer and so allow external traffic.