[Shorewall-users] How to IPv6 in shorewall 4.0.3

2012-03-06 Thread Nico Pagliaro
Hi everybody, I am trying to implement IPv6 in my lan PC. I have a shorewall 4.0.3 working with ipv4 perfect, and I trying to test IPv6 from my lan computer with tunnel broker Hurricane electric) I have windows 7 in my PC and I executed the commands that tunnel broker tell me to execute. All that

Re: [Shorewall-users] How to IPv6 in shorewall 4.0.3

2012-03-06 Thread Neil Watson
You'll need to use shorewall6 which handles IPV6 traffic. It works the same as shorewall4 such that you IPV6 interface will lead to your internet zone. Essentially you have two entirely separate firewalls. -- Neil Watson Linux/UNIX Consultant http://watson-wilson.ca

Re: [Shorewall-users] How to IPv6 in shorewall 4.0.3

2012-03-06 Thread Tom Eastep
On 03/06/2012 09:19 AM, Nico Pagliaro wrote: Hi everybody, I am trying to implement IPv6 in my lan PC. I have a shorewall 4.0.3 working with ipv4 perfect, and I trying to test IPv6 from my lan computer with tunnel broker Hurricane electric) I have windows 7 in my PC and I executed the commands

Re: [Shorewall-users] How to IPv6 in shorewall 4.0.3

2012-03-06 Thread Nico Pagliaro
Thanks, I am upgrading to 4.5 right now Question: if I have 4.5 working, I need to have shorewall and shorewall6 running at the same time or I can have only shorewall runnning with 6in4 configuration in tunnels file? thanks On Tue, Mar 6, 2012 at 4:27 PM, Tom Eastep teas...@shorewall.net

Re: [Shorewall-users] How to IPv6 in shorewall 4.0.3

2012-03-06 Thread Neil Watson
Assuming you are using Linux, shorewall manages ipv4 rules via iptables. Shorewall6 manages ipv6 rules via ip6tables. On the Debian hosts I manage there is /etc/shorewall and /etc/shorewall6. They are entirely separate. -- Neil Watson Linux/UNIX Consultant http://watson-wilson.ca

Re: [Shorewall-users] How to IPv6 in shorewall 4.0.3

2012-03-06 Thread Nico Pagliaro
Great. Now I have shorewall 4.5 installed and running. I am trying to use hurrican electric tunnel broker but I dont know who I enable protocol 41 traffic in/out to my PC. any idea? I want to use a IPv6 in my PC and access ipv6 sites. To this, I have installed hurrican tunnel in my PC with the

Re: [Shorewall-users] How to IPv6 in shorewall 4.0.3

2012-03-06 Thread Neil Watson
On Tue, Mar 06, 2012 at 05:06:14PM -0200, Nico Pagliaro wrote: I am trying to use hurrican electric tunnel broker but I dont know who I enable protocol 41 traffic in/out to my PC. I think that the ipsec macro will handle this. -- Neil Watson Linux/UNIX Consultant http://watson-wilson.ca

Re: [Shorewall-users] How to IPv6 in shorewall 4.0.3

2012-03-06 Thread Tom Eastep
On 03/06/2012 11:06 AM, Nico Pagliaro wrote: Great. Now I have shorewall 4.5 installed and running. I am trying to use hurrican electric tunnel broker but I dont know who I enable protocol 41 traffic in/out to my PC. any idea? I want to use a IPv6 in my PC and access ipv6 sites. To this, I

Re: [Shorewall-users] How to IPv6 in shorewall 4.0.3

2012-03-06 Thread Nico Pagliaro
mm I dont know about that. The documentation in Hurrican Electric or tunnelbroker says that I need to enable protocol 41 in and out. is this correct ACCEPT loc net 41 ACCEPT net loc 41 On Tue, Mar 6, 2012 at 5:08 PM, Neil Watson n...@watson-wilson.ca wrote: On

Re: [Shorewall-users] How to IPv6 in shorewall 4.0.3

2012-03-06 Thread Nico Pagliaro
But reading this, I need to configure a IPv6 in my firewall. is this necessary if the only thing I want is to allow protocol 41 in and out? On Tue, Mar 6, 2012 at 5:30 PM, Tom Eastep teas...@shorewall.net wrote: On 03/06/2012 11:06 AM, Nico Pagliaro wrote: Great. Now I have shorewall 4.5

Re: [Shorewall-users] How to IPv6 in shorewall 4.0.3

2012-03-06 Thread Tom Eastep
On 03/06/2012 11:42 AM, Nico Pagliaro wrote: But reading this, I need to configure a IPv6 in my firewall. is this necessary if the only thing I want is to allow protocol 41 in and out? http://www.shorewall.net/6to4.htm#idp2946368 -Tom -- Tom Eastep\ When I die, I want to go like my

Re: [Shorewall-users] How to IPv6 in shorewall 4.0.3

2012-03-06 Thread Neil Watson
On Tue, Mar 06, 2012 at 05:42:58PM -0200, Nico Pagliaro wrote: But reading this, I need to configure a IPv6 in my firewall. is this necessary if the only thing I want is to allow protocol 41 in and out? I believe that 41 is IPV4 traffic. It encapsulates IPV6 traffic. So your IPV4

Re: [Shorewall-users] How to IPv6 in shorewall 4.0.3

2012-03-06 Thread Simon Hobson
Nico Pagliaro wrote: But reading this, I need to configure a IPv6 in my firewall. is this necessary if the only thing I want is to allow protocol 41 in and out? If you are only enabling IPv6 on your PC then your don't need IPv6 on your firewall - at all. Just allow the right traffic (protocol 41

Re: [Shorewall-users] How to IPv6 in shorewall 4.0.3

2012-03-06 Thread Nico Pagliaro
Wow, thanks for your information! my server is Centos. I think that commands are different, arent they? On Tue, Mar 6, 2012 at 6:33 PM, Simon Hobson li...@thehobsons.co.uk wrote: Nico Pagliaro wrote: But reading this, I need to configure a IPv6 in my firewall. is this necessary if the only

[Shorewall-users] Shorewall 4.5.0.3

2012-03-06 Thread Tom Eastep
4.5.0.3 is now available for download. Problems corrected in 4.5.0.3: 4.5.0.3 1) The .service file with Shorewall Init specified that /sbin/shorewall-init should be run for start and stop, but there was no such file. Now, the installer will install /sbin/shorewall-init and will

[Shorewall-users] adsl problems after update to 4.5

2012-03-06 Thread Ricardo Rios - Shorewall List
Hi Tom I have several issues after i upgrade a shorewall linux box from 4.4.27.3 to 4.5.0-2 with 4 adsl providers, after the update all seems to be working fine, but after a day or two, when the adsl crash, shorewall is unable to use that provider again giving error : Adding Providers...

Re: [Shorewall-users] adsl problems after update to 4.5

2012-03-06 Thread Tom Eastep
On 3/6/12 1:13 PM, Ricardo Rios - Shorewall List shorew...@malargue.gov.ar wrote: Hi Tom I have several issues after i upgrade a shorewall linux box from 4.4.27.3 to 4.5.0-2 with 4 adsl providers, after the update all seems to be working fine, but after a day or two, when the adsl crash,

Re: [Shorewall-users] adsl problems after update to 4.5

2012-03-06 Thread Ricardo Rios - Shorewall List
El 2012-03-06 20:53, Tom Eastep escribió: On 3/6/12 1:13 PM, Ricardo Rios - Shorewall List shorew...@malargue.gov.ar [1] wrote: Hi Tom I have several issues after i upgrade a shorewall linux box from 4.4.27.3 to 4.5.0-2 with 4 adsl providers, after the update all seems to be working

Re: [Shorewall-users] adsl problems after update to 4.5

2012-03-06 Thread Ricardo Rios - Shorewall List
El 2012-03-06 21:34, Tom Eastep escribió: On 3/6/12 4:18 PM, Ricardo Rios - Shorewall List shorew...@malargue.gov.ar wrote: El 2012-03-06 20:53, Tom Eastep escribió: On 3/6/12 1:13 PM, Ricardo Rios - Shorewall List shorew...@malargue.gov.ar [1] wrote:Do you run LSM? - Nop, i dont use

[Shorewall-users] blocking INVALID packet leakage

2012-03-06 Thread J. Randall Owens
I've been rather annoyed by the RFC1918 packets showing up on the public (kind of, it's complicated) side of my NAT router. I found some good summaries of the problem and its cause: http://ubuntuforums.org/archive/index.php/t-1689959.html http://bugzilla.netfilter.org/show_bug.cgi?id=693