IP6Tables is the firewalling tool for IPv6 under Linux.
As of the Linux 2.6.21 kernel, the Netfilter code base has the new layer 2 connection tracking code in place, so enabling connection tracking for IPv6 is as simple as a configuration option in make config (Note: It is marked as experimental).
Once you've enabled everything, you can set up your ip6tables just as you would your IPv4 iptables. This provides the final piece in a sane deployment of IPv6 on the Internet.
One page links to IP6Tables:
