Andrew Suffield wrote: > On Sat, Sep 15, 2007 at 01:10:04PM -0700, Tom Eastep wrote: >> iptables is iptables; ip6tables is ip6tables. The rulesets created using >> these two utilities are totally independent. So there is no reason to >> have a single product that produces both configuration. > > Urgh. So the braindamage is in netfilter itself. > > What are you supposed to do when you are running a host that's acting > as a router between multiple ipv4 and ipv6 networks, and want to > filter/nat/mangle/whatever traffic between them?
It's my understanding that uou use ip6tables for that and use the fact that the IPv4 address space is embedded within the IPv6 address space. But beware -- ipt6tables does not support any form of NAT. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
