From routerip6tables -F INPUTip6tables -A INPUT -i brwan -p icmpv6 --icmpv6-

1. From router
2. ip6tables -F INPUT
3. ip6tables -A INPUT -i brwan -p icmpv6 --icmpv6-type echo-request -m recent --set
4. ip6tables -A INPUT -i brwan -p icmpv6 --icmpv6-type echo-request -m recent --update --seconds 10 --hitcount 5 -j DROP
5. ip6tables -A INPUT -i brwan -p icmpv6 --icmpv6-type echo-request -j ACCEPT
6. ip6tables -A INPUT -i brwan -p icmpv6 --icmpv6-type echo-reply -j ACCEPT
7. ip6tables -A INPUT -i brwan -p icmpv6 --icmpv6-type router-advertisement -j ACCEPT
8. ip6tables -A INPUT -i brwan -p icmpv6 --icmpv6-type router-solicitation -j ACCEPT
9. ip6tables -A INPUT -i brwan -p icmpv6 --icmpv6-type neighbour-advertisement -j ACCEPT
10. ip6tables -A INPUT -i brwan -p icmpv6 --icmpv6-type neighbour-solicitation -j ACCEPT
11. ip6tables -A INPUT -i brwan -p icmpv6 --icmpv6-type destination-unreachable -j ACCEPT
12. ip6tables -A INPUT -i brwan -p icmpv6 --icmpv6-type packet-too-big -j ACCEPT
13. ip6tables -A INPUT -i brwan -p icmpv6 --icmpv6-type time-exceeded -j ACCEPT
14. ip6tables -A INPUT -i brwan -p icmpv6 --icmpv6-type parameter-problem -j ACCEPT
15. ip6tables -A INPUT -i brwan -p icmpv6 --icmpv6-type unknown-header-type -j ACCEPT
16. ip6tables -A INPUT -i brwan -p icmpv6 --icmpv6-type redirect -j ACCEPT
17. ip6tables -A INPUT -i brwan -p icmpv6 -j DROP
18. ip6tables -A INPUT -i brwan -p tcp ! --syn -m state --state NEW -j DROP
19. ip6tables -A INPUT -i brwan -m rt --rt-type 0 -j DROP
20. ip6tables -A INPUT -i brwan -p tcp --tcp-flags ALL ALL -j DROP
21. ip6tables -A INPUT -i brwan -p tcp --tcp-flags ALL NONE -j DROP
22. ip6tables -A INPUT -i brwan -m pkttype --pkt-type multicast -j DROP
23. ip6tables -A INPUT -i brwan -m pkttype --pkt-type broadcast -j DROP
24. ip6tables -A INPUT -i brwan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
25. #ip6tables -A INPUT -i brwan -p tcp -m tcp --dport 22 -j ACCEPT
26. ip6tables -A INPUT -i brwan -p udp -m udp --dport 546 -j ACCEPT
27. ip6tables -A INPUT -i brwan -j DROP
28.  
29. # From home network
30. ip6tables -F FORWARD
31. ip6tables -A FORWARD -i brwan -p icmpv6 --icmpv6-type echo-request -m recent --set
32. ip6tables -A FORWARD -i brwan -p icmpv6 --icmpv6-type echo-request -m recent --update --seconds 10 --hitcount 5 -j DROP
33. ip6tables -A FORWARD -i brwan -p icmpv6 --icmpv6-type echo-request -j ACCEPT
34. ip6tables -A FORWARD -i brwan -p icmpv6 --icmpv6-type echo-reply -j ACCEPT
35. ip6tables -A FORWARD -i brwan -p icmpv6 --icmpv6-type router-advertisement -j ACCEPT
36. ip6tables -A FORWARD -i brwan -p icmpv6 --icmpv6-type router-solicitation -j ACCEPT
37. ip6tables -A FORWARD -i brwan -p icmpv6 --icmpv6-type neighbour-advertisement -j ACCEPT
38. ip6tables -A FORWARD -i brwan -p icmpv6 --icmpv6-type neighbour-solicitation -j ACCEPT
39. ip6tables -A FORWARD -i brwan -p icmpv6 --icmpv6-type destination-unreachable -j ACCEPT
40. ip6tables -A FORWARD -i brwan -p icmpv6 --icmpv6-type packet-too-big -j ACCEPT
41. ip6tables -A FORWARD -i brwan -p icmpv6 --icmpv6-type time-exceeded -j ACCEPT
42. ip6tables -A FORWARD -i brwan -p icmpv6 --icmpv6-type parameter-problem -j ACCEPT
43. ip6tables -A FORWARD -i brwan -p icmpv6 --icmpv6-type unknown-header-type -j ACCEPT
44. ip6tables -A FORWARD -i brwan -p icmpv6 --icmpv6-type redirect -j ACCEPT
45. ip6tables -A FORWARD -i brwan -p icmpv6 -j DROP
46. ip6tables -A FORWARD -i brwan -p tcp ! --syn -m state --state NEW -j DROP
47. ip6tables -A FORWARD -i brwan -m rt --rt-type 0 -j DROP
48. ip6tables -A FORWARD -i brwan -p tcp --tcp-flags ALL ALL -j DROP
49. ip6tables -A FORWARD -i brwan -p tcp --tcp-flags ALL NONE -j DROP
50. ip6tables -A FORWARD -i brwan -m pkttype --pkt-type multicast -j ACCEPT
51. ip6tables -A FORWARD -i brwan -m pkttype --pkt-type broadcast -j ACCEPT
52. ip6tables -A FORWARD -i brwan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
53. ip6tables -A FORWARD -i brwan -p tcp -m multiport --dports 2222,7200 -j ACCEPT
54. ip6tables -A FORWARD -i brwan -p udp -m udp --dport 7200 -j ACCEPT
55. ip6tables -A FORWARD -i brwan -p udp -m udp --dport 546 -j ACCEPT
56. ip6tables -A FORWARD -i brwan -j DROP