[Shorewall-users] Problem about IPv6 MulitiISP

[Prachachart Stapornnanon]

Good Afternoon

I use shorewall to do multi ISP both IPv4 and IPv6 

About IPv4(shorewall) is no problem 

but ipv6(shorewall6) has problem can’t start when i write config  in
/etc/shorewall6/providers 

Spite of is really close config

I use centos 6.3 – kernel 2.6.32-279.el6.i686  -  iptables 1.4.7-5.1   - 
shorewall & shorewall6 version 4.5.11.2

Thank you for your help ^_^

At Iast i attach some involved config file below



/etc/shorewall6/interfaces

>>#ZONE             INTERFACE          OPTIONS
>>net     eth0            tcpflags,forward=1,sourceroute=0
>>net     eth2            tcpflags,forward=1,sourceroute=0
>>loc      eth1            tcpflags,forward=1



/etc/shorewall6/providers

>>#NAME           NUMBER             MARK   DUPLICATE        
INTERFACE          GATEWAY                           OPTIONS            
                COPY
>>ISP1  1              1              main              eth0                
1:1:1:1::1            track     none


Some trace about shorewall6 can’t start

>>Compiling...
>>Processing /etc/shorewall6/params ...
>>Processing /etc/shorewall6/shorewall6.conf...
>>Loading Modules...
>>Compiling /etc/shorewall6/zones...
>>Compiling /etc/shorewall6/interfaces...
>>Determining Hosts in Zones...
>>Locating Action Files...
>>Compiling /usr/share/shorewall6/action.Drop for chain Drop...
>>Compiling /usr/share/shorewall6/action.AllowICMPs for chain AllowICMPs...
>>Compiling /usr/share/shorewall6/action.Broadcast for chain Broadcast...
>>Compiling /usr/share/shorewall/action.Invalid for chain Invalid...
>>Compiling /usr/share/shorewall/action.NotSyn for chain NotSyn...
>>Compiling /usr/share/shorewall6/action.Reject for chain Reject...
>>Compiling /etc/shorewall6/policy...
>>Compiling TCP Flags filtering...
>>Compiling Accept Source Routing...
>>Compiling /etc/shorewall6/providers...
>>Compiling MAC Filtration -- Phase 1...
>>Compiling /etc/shorewall6/rules...
>>Compiling MAC Filtration -- Phase 2...
>>Applying Policies...
>>Generating Rule Matrix...
>>Optimizing Ruleset...
>>Creating ip6tables-restore input...
>>Compiling Interface forwarding...
>>Shorewall configuration compiled to /var/lib/shorewall6/.start
>>Starting Shorewall6....
>>Initializing...
>>Processing /etc/shorewall6/init ...
>>Processing /etc/shorewall6/tcclear ...
>>Setting up Accept Source Routing...
>>Setting up Proxy NDP...
>>Adding Providers...
>>RTNETLINK answers: Invalid argument
>>   ERROR: Command "ip -6 route add default via 1:1:1:1::1 src 1:1:1:1::2
dev eth0 table 1" Failed
>>Processing /etc/shorewall6/stop ...
>>Processing /etc/shorewall6/tcclear ...
>>Running /sbin/ip6tables-restore...
>>IPv6 Forwarding Enabled
>>Processing /etc/shorewall6/stopped ...
>>/usr/share/shorewall/lib.common: line 112:  5876 Terminated             
$SHOREWALL_SHELL $script $options $@





------------------------------------------------------------------------------
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester  
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the  
endpoint security space. For insight on selecting the right partner to 
tackle endpoint security challenges, access the full report. 
http://p.sf.net/sfu/symantec-dev2dev
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users