Cisco IPv6 IOS firewall

Cisco IPv6 Security

ipv6 inspect routing-header
ipv6 inspect max-incomplete low 100
ipv6 inspect max-incomplete high 300
ipv6 inspect one-minute low 100
ipv6 inspect one-minute high 300
ipv6 inspect udp idle-time 60
ipv6 inspect tcp idle-time 1200
ipv6 inspect tcp finwait-time 8
ipv6 inspect tcp synwait-time 60
ipv6 inspect tcp max-incomplete host 100 block-time 1
!
ipv6 inspect name ipv6-FireWall tcp alert on timeout 120
ipv6 inspect name ipv6-FireWall udp alert on timeout 60
ipv6 inspect name ipv6-FireWall icmp alert on audit-trail on timeout 5
ipv6 inspect name ipv6-FireWall ftp timeout 3600
!
! interface-level commands: source verification, inspection and the inbound filter
interface dialer X
ipv6 verify unicast source reachable-via any allow-default
ipv6 inspect ipv6-FireWall in
ipv6 inspect ipv6-FireWall out
ipv6 traffic-filter ipv6-inet-in in
!
ipv6 access-list ipv6-inet-in
remark block site local
deny ipv6 any FEC0::/10
remark permit mcast link local
permit ipv6 any FF02::/16
remark permit mcast global scope
permit ipv6 any FF0E::/16
remark block remaining mcast (first match wins, so after the permits)
deny ipv6 any FF00::/8
remark permit minimal icmp messages
permit icmp any any echo-reply
permit icmp any any time-exceeded
permit icmp any any unreachable
permit icmp any any echo-request
permit icmp any any packet-too-big
permit icmp any any parameter-problem
permit icmp any any mld-query
permit icmp any any mld-report
permit icmp any any mld-reduction
permit icmp any any router-solicitation
permit icmp any any router-advertisement
remark permit allowed traffic