Hello, Thanks for your preceeding two replies - much appreciated !
I have three questions regarding running an IPv6 configuration which could surely benefit from your experience, since they are not directly related to Shorewall, but happens when using the IPv6 portion. 1) When shorewall6 is run, the following is logged. Since broadcast is not supported in Ipv6, logging this is a bit puzzling: Oct 1 13:04:39 deb kernel: [ 9570.619744] xt_addrtype: ipv6 does not support BROADCAST matching 2) Once shorewall6 has established a firewall (a very simple one to start with) there is no netfilter subdirectory in /proc/sys/net/ipv6. There is in ipv4/, with a few conntrack options. The following IPv6 modules are loaded: nf_conntrack_ipv6 13124 11 nf_defrag_ipv6 12720 2 xt_TPROXY,nf_conntrack_ipv6 3) When I use 'ip6tables -L' to verify, ip6tables lists a few things, then seems to wait for something before displaying more. Why is that so ? Thanks. ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
