Lennart Sorensen wrote: > On Wed, Dec 10, 2008 at 09:35:16AM -0800, Tom Eastep wrote: >> Within the next few days, I will be making the first 4.3.0 Alpha release >> available. Shorewall 4.3 will feature support for IPV6. >> >> Two new packages will be included: >> >> 1) Shorewall6 -- analagous to the current Shorewall-common but for >> IPv6. >> 2) Shorewall6-lite -- analagous to the current Shorewall-lite. >> >> The Shorewall-perl compiler is enhanced to be able to handle either an >> IPv4 configuration or an IPv6 configuration. >> >> Key features of Shorewall6 are: >> >> 1) There is no NAT of any kind (most people see this as a giant step >> forward). When an ISP assigns you a public IPv6 address, you are >> actually assigned an IPv6 'prefix' which is like an IPv4 subnet. A >> 64-bit prefix allows 4 billion individual hosts (the size of the current >> IPv4 address space). > > Well actually you get 4 billion squared. IPv4=32bit, IPv6=128bit, so a > 64bit prefix gives you 2^64 addresses.
Yes -- a 96 bit prefix gives you 4 billion local addresses. > > I look forward to playing with shorewall6 though. > >> 2) The configuration is kept in /etc/shorewall6 >> >> 3) The default zone type is ipv6. > > So how does shorewall and shorewall6 interact on a single machine if you > use both IPv4 and IPv6? They don't -- they are completely independent, just as IPv4 and IPv6 are independent in the kernel (separate routing tables, separate netfilter tables, separate routing rules, ...). -Tom -- Tom Eastep \ The ultimate result of shielding men from the Shoreline, \ effects of folly is to fill the world with fools. Washington, USA \ -Herbert Spencer http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
