Package: shorewall6 Version: 4.4.11.6-1 Severity: normal I have configured my a router running debian squeeze to use unique local ip6 addresses (ULA) [1] with prefix 'fd' on all interfaces. These allow my network to do ipv6 routing between my subnets without any external ip6 connectivity.
However, shorewall6 currently seems to assert that all routable ip6
address start on '2'. I.e. the .start script generated by shorewall6
checks all interfaces agains interface_is_usable(), which is implemented
as:
interface_is_usable() # $1 = interface
{
[ "$1" = lo ] && return 0
interface_is_up $1 && [ "$(find_first_interface_address_if_any $1)" != :: ]
&& run_isusable_exit $1
}
and find_first_interface_address_if_any does:
find_first_interface_address_if_any() # $1 = interface
{
#
# get the line of output containing the first IP address
#
addr=$(${IP:-ip} -f inet6 addr show $1 2> /dev/null | grep 'inet6 2.*
global' | head -n1)
[..]
Here it ignores all addresses that don't start on 2. This results in
shorewall6 startup to fail with 'ERROR: Required interface eth0 not
available'.
[1] http://en.wikipedia.org/wiki/Unique_local_address
cheers,
David
-- System Information:
Debian Release: 6.0.3
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: mipsel (mips64)
Kernel: Linux 2.6.39.3-dk6
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages shorewall6 depends on:
ii debconf [debconf-2.0] 1.5.36.1 Debian configuration management sy
ii iproute 20100519-3 networking and traffic control too
ii iptables 1.4.8-3 administration tools for packet fi
ii libio-socket-inet6-perl 2.65-1.1 Object interface for AF_INET6 doma
ii shorewall 4.4.11.6-3 Shoreline Firewall, netfilter conf
shorewall6 recommends no packages.
Versions of packages shorewall6 suggests:
ii linux-image-2. 2.6.38-5~bpo60+1 Linux 2.6.38 for Loongson 2F
ii linux-image-2. 2.6.39.3-dk-10.00.Custom Linux kernel binary image for vers
ii linux-image-2. 2.6.39.3-dk2-10.00.Custom Linux kernel binary image for vers
ii linux-image-2. 2.6.39.3-dk3-10.00.Custom Linux kernel binary image for vers
ii linux-image-2. 2.6.39.3-dk4-10.00.Custom Linux kernel binary image for vers
ii linux-image-2. 2.6.39.3-dk5-10.00.Custom Linux kernel binary image for vers
ii linux-image-2. 2.6.39.3-dk6-10.00.Custom Linux kernel binary image for vers
ii make 3.81-8 An utility for Directing compilati
ii shorewall-doc 4.4.11-1 documentation for Shoreline Firewa
-- Configuration Files:
/etc/default/shorewall6 changed:
startup=1
OPTIONS=""
/etc/shorewall6/shorewall6.conf [Errno 13] Permission denied:
u'/etc/shorewall6/shorewall6.conf'
-- debconf information:
shorewall6/major_release:
shorewall6/dont_restart:
shorewall6/invalid_config:
--
GnuPG public key: http://dvdkhlng.users.sourceforge.net/dk.gpg
Fingerprint: B17A DC95 D293 657B 4205 D016 7DEF 5323 C174 7D40
pgpz12MhD6kvZ.pgp
Description: PGP signature
