Inhaltsverzeichnis

Unifi USG IPv6 Firewall with dynamic prefix

persistent

create firewall rule first in the Web-Interface, then edit this in config.gateway.json

//192.168.11.40/var/lib/unifi/sites/hdff57s1/config.gateway.json
{
        "firewall": {
                "ipv6-name": {
                        "WANv6_IN": {
                                "rule": {
                                        "2000": {
                                                "destination": {
                                                        "address": "::48/::ffff:ffff:ffff:ffff",
                                                },
                                        },
					"2001": {
                                                "destination": {
                                                        "address": "::46/::ffff:ffff:ffff:ffff",
                                                },
                                        },
					"2002": {
                                                "destination": {
                                                        "address": "::40/::ffff:ffff:ffff:ffff",
                                                }
                                        }
                                }
                        }
                }
        },
}

temp

set firewall ipv6-name WANv6_IN rule 2000 destination address ::0023:a92f:d91f:fec4:70dd/::00ff:ffff:ffff:ffff:ffff