Some optical modems can accept public IPv6 inbound traffic directly, with no bridge mode needed

This is of limited value and is recorded for reference only. In practice the modem has problems such as PMTU black holes, so the best approach is still to do the PPPoE dial-up on the router.


Obtaining the super password
telnet 192.168.1.1
Account: CMCCAdmin
Password: the "user" password printed on the back of your modem, followed by @C1

How to obtain the super password
Insert a USB drive, then copy the config file to it:
cp /userconfig/cfg/db_ciot_user_cfg.xml /mnt/usb1_1/

Then open the db_ciot_user_cfg.xml file with routerpassview

Search for DM name="User" val=
and you will see the super password

This super password expires after a while; once it stops working, copy db_ciot_user_cfg.xml out again and look it up anew

Enabling Telnet
After logging in with the super password,

visit: http://192.168.1.1:8080/enableTelnet.html

This enables telnet; the same page also shows the telnet username and password

Getting root without the su password
telnet 192.168.1.1 to connect to the modem

Username and password are both telnetuser

Then type a single ASCII semicolon ; and press Enter

When the $ prompt disappears you are root

Login: telnetuser
Password:
$;
sh: syntax error: unexpected ";"
echo $USER
root

Enabling IPv6 inbound
The default rule set ends the FORWARD chain (filter table) with a DROP rule that discards every inbound request from the WAN interface.

It is the modem that forwards traffic to the downstream router, so deleting that catch-all DROP rule is enough to let inbound IPv6 through. Note what that means: the chain policy is ACCEPT, so with the DROP gone every LAN host that holds a global IPv6 address is reachable from the Internet on every port. Unless each host runs its own firewall, prefer the per-port rules under "Advanced rules" below.

Viewing the FORWARD chain
# list every chain in the filter table
ip6tables -nvL --line-numbers

# list only the FORWARD chain
ip6tables -nvL FORWARD --line-numbers

Chain FORWARD (policy ACCEPT 65441 packets, 5616K bytes)
num   pkts bytes target     prot opt in     out     source               destination
1     6546  521K TCPMSS     tcp      any    ppp1.3  anywhere             anywhere             tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
2     6387  492K TCPMSS     tcp      ppp1.3 any     anywhere             anywhere             tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
3    4021K  770M rtchain    all      any    any     anywhere             anywhere
4        0     0 DROP       all      veip0.1 any     anywhere             anywhere
5        0     0 DROP       all      veip0.2 any     anywhere             anywhere
6    4018K  769M forward_npt  all      any    any     anywhere             anywhere
7     5476 1857K SKIPLOG    icmpv6    any    br0     anywhere             anywhere             ipv6-icmp destination-unreachable
8      399  137K SKIPLOG    icmpv6    any    ppp1.3  anywhere             anywhere             ipv6-icmp destination-unreachable
9    53521   19M ACCEPT     all      ppp1.3 any     anywhere             anywhere             ctstate RELATED,ESTABLISHED
10       0     0 LOG        tcp      ppp1.3 any     anywhere             anywhere             tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 6/hour burst 5 LOG level alert prefix "Intrusion -> "
11    1801  209K DROP       all      ppp1.3 any     anywhere             anywhere

Deleting the DROP rule
In my listing the catch-all rule is number 11, so I delete rule 11; use the number shown in your own listing. Rule numbers shift whenever a rule is inserted or deleted, so re-list the chain before each -D.

# delete rule 11
ip6tables -D FORWARD 11

ip6tables -nvL FORWARD --line-numbers
Chain FORWARD (policy ACCEPT 8 packets, 524 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1     6730  535K TCPMSS     tcp      *      ppp1.3  ::/0                 ::/0                 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
2     7023  542K TCPMSS     tcp      ppp1.3 *       ::/0                 ::/0                 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
3    4024K  770M rtchain    all      *      *       ::/0                 ::/0
4        0     0 DROP       all      veip0.1 *       ::/0                 ::/0
5        0     0 DROP       all      veip0.2 *       ::/0                 ::/0
6    4020K  770M forward_npt  all      *      *       ::/0                 ::/0
7     5496 1860K SKIPLOG    icmpv6    *      br0     ::/0                 ::/0                 ipv6-icmptype 1
8      405  139K SKIPLOG    icmpv6    *      ppp1.3  ::/0                 ::/0                 ipv6-icmptype 1
9    54396   19M ACCEPT     all      ppp1.3 *       ::/0                 ::/0                 ctstate RELATED,ESTABLISHED
10       5   400 LOG        tcp      ppp1.3 *       ::/0                 ::/0                 tcp flags:0x17/0x02 limit: avg 6/hour 

Advanced rules
These only take effect if they sit ahead of the DROP rule, i.e. they must be placed before it rather than at the end. This opens only the listed ports instead of everything, so the LAN stays protected. Two details worth checking: these rules carry no -d, so each port is opened on every LAN host (add -d <host IPv6 address> to limit a port to one machine), and inserting at positions 1-3 puts the ACCEPTs in front of the two TCPMSS clamp rules, so an accepted inbound SYN skips the clamp; inserting them directly in front of the DROP (position 11 in the listing above) avoids that.

Allow specific ports (say 22, 80 and 443 are to be opened)
ip6tables -I FORWARD 1 -i ppp1.3 -p tcp --dport 22 -j ACCEPT   # SSH
ip6tables -I FORWARD 2 -i ppp1.3 -p tcp --dport 80 -j ACCEPT   # HTTP
ip6tables -I FORWARD 3 -i ppp1.3 -p tcp --dport 443 -j ACCEPT  # HTTPS

Allow return traffic (so established connections are not cut off)
ip6tables -I FORWARD 4 -m state --state ESTABLISHED,RELATED -j ACCEPT

Restoring the DROP rule
Insert the DROP rule back at position 11, or reboot the modem (the change does not survive a reboot, see "Persistence" below). If other rules have been inserted in the meantime, use -A FORWARD instead of -I FORWARD 11 so the DROP goes back to the end of the chain regardless of the current numbering.

ip6tables -I FORWARD 11 -i ppp1.3 -j DROP
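As an added example (not code from the original post), here is a busybox-compatible sh script for the three steps above: it locates the catch-all DROP on the WAN interface by parsing the ip6tables listing instead of trusting that it is rule 11, inserts the per-port ACCEPT rules directly in front of it, and appends the DROP again afterwards. The interface name ppp1.3, the DRY_RUN and DST variables and the function names are this example's own assumptions; the sample listing is constructed from the rows shown above so the parser can be exercised without a modem.

```shell
#!/bin/sh
# Added example, not code from the original post. Helpers for the rule
# edits described above, written for the modem's busybox shell: find the
# catch-all DROP on the WAN interface by parsing
# "ip6tables -nvL FORWARD --line-numbers" instead of hard-coding rule 11,
# insert the per-port ACCEPT rules directly in front of it (so they also
# stay behind the TCPMSS clamp rules), and put the DROP back at the end.
# Assumptions: WAN interface ppp1.3 as in the post; with DRY_RUN=1 (the
# default) the ip6tables commands are printed instead of executed.

WAN="${WAN:-ppp1.3}"
DRY_RUN="${DRY_RUN:-1}"

# Print the ip6tables command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "ip6tables $*"
    else
        ip6tables "$@"
    fi
}

# Read a FORWARD listing on stdin and print the number of the first rule
# that is exactly "DROP all <wan> <any out> <anywhere> <anywhere>" with no
# further match, i.e. the catch-all. Accepts both the resolved form
# ("any"/"anywhere") and the -n form ("*"/"::/0"). ip6tables prints no
# "opt" column for IPv6 rules, but a "--" there is skipped if present.
catchall_drop_num() {
    awk -v wan="$1" '
        $1 ~ /^[0-9]+$/ && $4 == "DROP" && $5 == "all" {
            i = 6
            if ($i == "--") i++
            if ($i == wan &&
                ($(i+1) == "any" || $(i+1) == "*") &&
                ($(i+2) == "anywhere" || $(i+2) == "::/0") &&
                ($(i+3) == "anywhere" || $(i+3) == "::/0") &&
                NF == i + 3) { print $1; exit }
        }'
}

# Insert ACCEPT rules for the given TCP ports starting at <pos> (the DROP
# rule's number), each one position further down, so they land just ahead
# of the DROP and in the order given. An optional LAN address limits them
# to one host (empty string = any host, as in the post's own rules).
allow_ports_before_drop() {
    wan="$1"; pos="$2"; dst="$3"; shift 3
    for port in "$@"; do
        if [ -n "$dst" ]; then
            run -I FORWARD "$pos" -i "$wan" -d "$dst" -p tcp --dport "$port" -j ACCEPT
        else
            run -I FORWARD "$pos" -i "$wan" -p tcp --dport "$port" -j ACCEPT
        fi
        pos=$((pos + 1))
    done
    # return traffic for connections opened from the LAN side
    run -I FORWARD "$pos" -m state --state ESTABLISHED,RELATED -j ACCEPT
}

# Put the catch-all DROP back at the end of the chain; -A does not depend
# on how many rules were inserted in front of it.
restore_catchall_drop() {
    run -A FORWARD -i "$1" -j DROP
}

# Usage on the modem: main 22 80 443   (DRY_RUN=0 to apply, DST=<addr> to
# limit the ports to one LAN host). Reads the live chain.
main() {
    num="$(ip6tables -nvL FORWARD --line-numbers | catchall_drop_num "$WAN")"
    if [ -z "$num" ]; then
        echo "no catch-all DROP for $WAN in FORWARD; nothing to do" >&2
        return 1
    fi
    allow_ports_before_drop "$WAN" "$num" "${DST:-}" "$@"
}

# Constructed sample: the relevant rows of the listing shown above, so the
# parser can be tried without a modem.
SAMPLE_LISTING='Chain FORWARD (policy ACCEPT 65441 packets, 5616K bytes)
num   pkts bytes target     prot opt in     out     source               destination
4        0     0 DROP       all      veip0.1 any     anywhere             anywhere
9    53521   19M ACCEPT     all      ppp1.3 any     anywhere             anywhere             ctstate RELATED,ESTABLISHED
10       0     0 LOG        tcp      ppp1.3 any     anywhere             anywhere             tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 6/hour burst 5 LOG level alert prefix "Intrusion -> "
11    1801  209K DROP       all      ppp1.3 any     anywhere             anywhere'
```

Source the file on the modem and run `main 22 80 443`; with the default DRY_RUN=1 it only prints the commands, with DRY_RUN=0 it applies them. Because the ACCEPT rules go in at the DROP's own position rather than at 1, they stay behind the two TCPMSS clamp rules, so accepted inbound SYNs are still clamped to the PPP MTU, and a DROP that carries an extra match (for example a ctstate) is deliberately not treated as the catch-all.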

Persistence
I have not yet found a way to make the change persist across reboots

Saving with ip6tables-save makes no difference
