hello Tom, Thanks for your effort on the IPv6 support. I find it amzing how productive you are!
I have the rpm versions of 4.3.1 installed I would like to give some feeback on the IPv6 support. So far I have used 6wall, but I am not exactly up to date on IPv6 support in Linux, so please bear with me if I make silly mistakes: 1) The IP_FORWARDING option 4.3.1 is not accepted: WARNING: Unknown configuration option (IP_FORWARDING) ignored : /etc/shorewall6/shorewall6.conf (line 94) 2) On my (Centos5) there are some lines in macro.AllowICMPs that are not accepted. At the end there are a number of lines where protocol icpv6-icmp is used. This protocol is not in the /etc/protocols file, and I could not find any info on it on the internet. The port values seem to suggest that this is normal icmpv6. Comments? 3) /usr/share/shorewall6/modules file is the same as for ipv4. Did you miss to include the ipv6 version? I copied the modules6 file from 6wall info /etc/shorewall6, but that does not work either 4) It does not work for me. It looks as if connection tracking is not supported. Could that be correct? When I set the policy to accept with logging, I see responses to ssh that I use for testing in the logfile best regards, Louis On Fri, 2008-12-12 at 07:32 -0800, Tom Eastep wrote: > 4.3.1 is available for download. > > Problems Corrected in 4.3.1 > > 1) Shorewall6 parsing of the hosts file HOSTS column has been > corrected. > > Other changes in 4.3.1 > > 1) It is now permitted to enclose addresses in [] even when an > interface name is not specified. > > Example: > > ACCEPT net:[2001:1::1] $FW > > 2) The Socket6 perl module is only required now if DNS names appear in > your Shorewall6 configuration files. > > 3) Shorewall6 now recognizes IPv4 addresses embedded in the IPv6 > address space (e.g., ::ffff:192.168.1.3). > > 4) IP_FORWARDING has been added back into shorewall6.conf and works > like the corresponding option in Shorewall. > > Happy Testing, > -Tom > ------------------------------------------------------------------------------ > SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. > The future of the web can't happen without you. Join us at MIX09 to help > pave the way to the Next Web now. Learn more and register at > http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ > _______________________________________________ Shorewall-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-devel ------------------------------------------------------------------------------ SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
