Package: shorewall6 Version: 4.4.11.6-1 Severity: normal I have configured my a router running debian squeeze to use unique local ip6 addresses (ULA) [1] with prefix 'fd' on all interfaces. These allow my network to do ipv6 routing between my subnets without any external ip6 connectivity.
However, shorewall6 currently seems to assert that all routable ip6 address start on '2'. I.e. the .start script generated by shorewall6 checks all interfaces agains interface_is_usable(), which is implemented as: interface_is_usable() # $1 = interface { [ "$1" = lo ] && return 0 interface_is_up $1 && [ "$(find_first_interface_address_if_any $1)" != :: ] && run_isusable_exit $1 } and find_first_interface_address_if_any does: find_first_interface_address_if_any() # $1 = interface { # # get the line of output containing the first IP address # addr=$(${IP:-ip} -f inet6 addr show $1 2> /dev/null | grep 'inet6 2.* global' | head -n1) [..] Here it ignores all addresses that don't start on 2. This results in shorewall6 startup to fail with 'ERROR: Required interface eth0 not available'. [1] http://en.wikipedia.org/wiki/Unique_local_address cheers, David -- System Information: Debian Release: 6.0.3 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: mipsel (mips64) Kernel: Linux 2.6.39.3-dk6 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages shorewall6 depends on: ii debconf [debconf-2.0] 1.5.36.1 Debian configuration management sy ii iproute 20100519-3 networking and traffic control too ii iptables 1.4.8-3 administration tools for packet fi ii libio-socket-inet6-perl 2.65-1.1 Object interface for AF_INET6 doma ii shorewall 4.4.11.6-3 Shoreline Firewall, netfilter conf shorewall6 recommends no packages. Versions of packages shorewall6 suggests: ii linux-image-2. 2.6.38-5~bpo60+1 Linux 2.6.38 for Loongson 2F ii linux-image-2. 2.6.39.3-dk-10.00.Custom Linux kernel binary image for vers ii linux-image-2. 2.6.39.3-dk2-10.00.Custom Linux kernel binary image for vers ii linux-image-2. 2.6.39.3-dk3-10.00.Custom Linux kernel binary image for vers ii linux-image-2. 2.6.39.3-dk4-10.00.Custom Linux kernel binary image for vers ii linux-image-2. 2.6.39.3-dk5-10.00.Custom Linux kernel binary image for vers ii linux-image-2. 2.6.39.3-dk6-10.00.Custom Linux kernel binary image for vers ii make 3.81-8 An utility for Directing compilati ii shorewall-doc 4.4.11-1 documentation for Shoreline Firewa -- Configuration Files: /etc/default/shorewall6 changed: startup=1 OPTIONS="" /etc/shorewall6/shorewall6.conf [Errno 13] Permission denied: u'/etc/shorewall6/shorewall6.conf' -- debconf information: shorewall6/major_release: shorewall6/dont_restart: shorewall6/invalid_config: -- GnuPG public key: http://dvdkhlng.users.sourceforge.net/dk.gpg Fingerprint: B17A DC95 D293 657B 4205 D016 7DEF 5323 C174 7D40
pgpz12MhD6kvZ.pgp
Description: PGP signature