Need help in Firewall setup
Shadow Hawkins on Friday, 03 May 2013 16:40:59
I tried to set up the more sophisticated firewall from here:
http://www.sixxs.net/wiki/IPv6_Firewalling#Example_script_for_IPv6_stateless_firewall
Unfortunately somehow I cannot be pinged by the PoP (rest works OK)
This is what ip6tables -L gives me:
root@raspberrypi:/usr/local/bin# ip6tables -L
Chain INPUT (policy DROP)
target prot opt source destination
DROP udp anywhere anywhere
DROP tcp anywhere anywhere tcpflags: FIN,SYN,RST,ACK/SYN
DROP all anywhere anywhere rt type:0 segsleft:0
ACCEPT all anywhere anywhere
ACCEPT all anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all anywhere anywhere
ACCEPT all fe80::/10 anywhere
ACCEPT all anywhere ip6-mcastprefix/8
AllowICMPs ipv6-icmp 2001:960:63d::1/128 cl-1598.ams-04.nl.sixxs.net/128
LOG all anywhere anywhere LOG level warning prefix "INPUT-v6:"
Chain FORWARD (policy DROP)
target prot opt source destination
DROP udp anywhere anywhere
DROP tcp anywhere anywhere tcpflags: FIN,SYN,RST,ACK/SYN
DROP all anywhere anywhere rt type:0 segsleft:0
ACCEPT all 2001:960:660::/48 anywhere state NEW
ACCEPT all anywhere anywhere state RELATED,ESTABLISHED
LOG all anywhere anywhere LOG level warning prefix "FORWARD-v6:"
Chain OUTPUT (policy DROP)
target prot opt source destination
DROP all anywhere anywhere rt type:0 segsleft:0
ACCEPT all anywhere anywhere
ACCEPT all anywhere anywhere
ACCEPT all anywhere anywhere
ACCEPT all fe80::/10 anywhere
ACCEPT all anywhere ip6-mcastprefix/8
LOG all anywhere anywhere LOG level warning prefix "OUTPUT-v6:"
Chain AllowICMPs (1 references)
target prot opt source destination
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp destination-unreachable
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp packet-too-big
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp time-exceeded
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp parameter-problem
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp echo-request limit: avg 5/sec burst 10
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp echo-reply
root@raspberrypi:/usr/local/bin#
Need help in Firewall setup Solved
Shadow Hawkins on Friday, 03 May 2013 16:54:38
Solved: Made a typo!
Need help in Firewall setup
Jeroen Massar on Saturday, 04 May 2013 06:56:12
Please note that you are dropping ICMP from all around the Internet, and that is a bad idea.
Especially "Packet Too Big" is an important one, but various others should also be accepted, not just from the PoP side.
That you are dropping "Destination Unreachable" will just mean that if a remote server is not active you will have to time out before noticing it is not there, which it told you too.
There really is no reason to filter ICMP. And anyway, it is a much better idea to have no listening ports on your boxes and know what is running on them instead of giving yourself a half-broken Internet....
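The rule set Jeroen describes, as an added example that is not code from the thread or the SixxS wiki script: the same AllowICMPs chain as in the posted ip6tables -L output, but reached for ICMPv6 from any source rather than only the PoP's /128. It assumes a default-DROP INPUT policy as shown above and prints the commands instead of applying them unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example (not from the thread): emit ip6tables commands that accept the
# essential ICMPv6 types from anywhere, instead of jumping to AllowICMPs only
# for the PoP's /128. Prints the commands by default; applies them only when
# APPLY=1 (requires root and the ip6tables binary).

# ICMPv6 error messages a host must accept from any source (RFC 4890, 4.3.1).
ESSENTIAL_ICMPV6="destination-unreachable packet-too-big time-exceeded parameter-problem"

# Build the AllowICMPs chain (one ACCEPT per essential type, rate-limited
# echo-request, echo-reply) and the unrestricted jump into it from INPUT.
icmpv6_rules() {
    echo "ip6tables -N AllowICMPs"
    for t in $ESSENTIAL_ICMPV6; do
        echo "ip6tables -A AllowICMPs -p ipv6-icmp --icmpv6-type $t -j ACCEPT"
    done
    echo "ip6tables -A AllowICMPs -p ipv6-icmp --icmpv6-type echo-request -m limit --limit 5/sec --limit-burst 10 -j ACCEPT"
    echo "ip6tables -A AllowICMPs -p ipv6-icmp --icmpv6-type echo-reply -j ACCEPT"
    # The fix: no -s restriction on the jump, so ICMPv6 from the whole
    # Internet reaches the chain, not just packets from the PoP.
    echo "ip6tables -A INPUT -p ipv6-icmp -j AllowICMPs"
}

# Check a generated rule set: every essential type must be present and the
# ICMPv6 jump must not be limited to a source (-s). Returns 0 when it passes.
check_rules() {
    rules="$1"
    for t in $ESSENTIAL_ICMPV6; do
        echo "$rules" | grep -q -- "--icmpv6-type $t " || return 1
    done
    echo "$rules" | grep -- "-j AllowICMPs" | grep -q -- " -s " && return 1
    return 0
}

RULES="$(icmpv6_rules)"
if [ "${APPLY:-0}" = "1" ]; then
    echo "$RULES" | sh -e
else
    echo "$RULES"
fi
```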