#!/bin/sh

# Script that disables IPv6
#
# 08/12/2009
# Ryan Giobbi, CERT
#
# Please send feedback to <rag@cert.org> 
# Don't use these rules on production systems without testing. 


# This script is not designed to run alone, its rules should be inserted into an existing # configuration.

iptables -I FORWARD -p 41 -j DROP
iptables -I FORWARD -p 43 -j DROP
iptables -I FORWARD -p 44 -j DROP
iptables -I FORWARD -p 58 -j DROP
iptables -I FORWARD -p 59 -j DROP
iptables -I FORWARD -p 60 -j DROP

iptables -I FORWARD -p udp --sport 3544 -j DROP
iptables -I FORWARD -p udp --dport 3544 -j DROP

iptables -I FORWARD -p udp --sport 3545 -j DROP
iptables -I FORWARD -p udp --dport 3545 -j DROP