It still amazes me how many people use their shiny Linux machine out there touting for its safety and robustness but never thought to put a single iptable rule in it. Is there any kind of default firewall into those linux-for-wide-audience distributions that I didn’t know about ?
Anyway I finally made my handcrafted profil-based IPv6-ready stateful firewall. Well the “handcrafted IPv6-ready stateful firewall” was already there since years but the “profil-based” part of it wasn’t ! I use 2 profiles basically (home and public) and do the switch automatically with network-manager (/etc/NetworkManager/dispatcher.d).