Iptables
ip6tables will not accept a -d destination, but iptables will
I am trying to allow an IPv6 address to connect to a certain IP on my server, but not to the others. The following does not work with ip6tables, but does work with plain iptables. However, when I remove `-d xx.xx.xx.77` from the ip6tables command it works, which allows this IPv6 address to connect to any IP on the box, which I do not want.

```
ip6tables -I INPUT -d xx.xx.xx.77 -i enp2s0f0 -p tcp -m multiport --dports http,https -s 2400:cb00::/32 -j ACCEPT
ip6tables v1.6.0: host/network `xx.xx.xx.77' not found
```

`man ip6tables` shows the following for `-d` and `-s`:

```
[!] -s, --source address[/mask][,...]
       Source specification. Address can be either a network name, a
       hostname, a network IP address (with /mask), or a plain IP address.
       Hostnames will be resolved once only, before the rule is submitted
       to the kernel. Please note that specifying any name to be resolved
       with a remote query such as DNS is a really bad idea. The mask can
       be either an ipv4 network mask (for iptables) or a plain number,
       specifying the number of 1's at the left side of the network mask.
       Thus, an iptables mask of 24 is equivalent to 255.255.255.0. A "!"
       argument before the address specification inverts the sense of the
       address. The flag --src is an alias for this option. Multiple
       addresses can be specified, but this will expand to multiple rules
       (when adding with -A), or will cause multiple rules to be deleted
       (with -D).

[!] -d, --destination address[/mask][,...]
       Destination specification. See the description of the -s (source)
       flag for a detailed description of the syntax. The flag --dst is an
       alias for this option.
```
IPv6 cannot connect to IPv4. In ip6tables, everything needs to be IPv6.
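The family mismatch described in the answer above, as an added example that is not part of the original post: a Python check that reads an iptables/ip6tables command line and reports every `-s`/`-d` address whose family does not match the tool. The addresses `192.0.2.77` and `2001:db8::77` are constructed documentation addresses standing in for the redacted `xx.xx.xx.77`, and `check_rule` and `address_args` are hypothetical names.

```python
import ipaddress
import shlex

ADDR_FLAGS = {"-s", "--source", "--src", "-d", "--destination", "--dst"}
TOOL_FAMILY = {"iptables": 4, "ip6tables": 6}

# Constructed samples: the question's rule with a documentation IPv4 address,
# and the same rule with an IPv6 destination (assumed address of the server).
MIXED = ("ip6tables -I INPUT -d 192.0.2.77 -i enp2s0f0 -p tcp -m multiport "
         "--dports http,https -s 2400:cb00::/32 -j ACCEPT")
FIXED = MIXED.replace("192.0.2.77", "2001:db8::77")


def address_args(argv):
    """Yield (flag, address) for every -s/-d value, splitting comma lists."""
    for i, tok in enumerate(argv[:-1]):
        if tok in ADDR_FLAGS:
            for addr in argv[i + 1].split(","):
                yield tok, addr


def check_rule(command):
    """Return a list of problems; an empty list means the families agree."""
    argv = shlex.split(command)
    if not argv or argv[0] not in TOOL_FAMILY:
        return ["command does not start with iptables or ip6tables"]
    want = TOOL_FAMILY[argv[0]]
    problems = []
    for flag, addr in address_args(argv):
        try:
            # strict=False accepts host addresses that carry a mask
            net = ipaddress.ip_network(addr, strict=False)
        except ValueError:
            # Hostnames are legal for the tools, but the man page warns
            # against them; flag them instead of resolving.
            problems.append(f"{flag} {addr}: not a literal address (hostname?)")
            continue
        if net.version != want:
            problems.append(
                f"{flag} {addr}: IPv{net.version} address passed to {argv[0]}")
    return problems


if __name__ == "__main__":
    for rule in (MIXED, FIXED):
        print(rule)
        print("  ->", check_rule(rule) or "families consistent")
```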