PGNd <d...@pgnd.us> wrote: > In my shorewall6-lite rules, I have added > > Ping(ACCEPT) net:[2001:XXX:XXX4:XXX::2]/64,[2001:XXX:XXX5:XXX::]/64 > all > Ping(ACCEPT) net > all - - - - 5/sec:100
You need a load of other ICMP traffic allowed if IPv6 is going to work. What does "ip -6 neighbour show" give you ? I'm going to guess that it doesn't include 2001:XXX:XXX4:XXX::1 because you've blocked all ICMP but Ping. One of the things that will break is neighbour discovery : http://www.sixscape.com/joomla/sixscape/index.php/technical-backgrounders/tcp-ip/ip-the-internet-protocol/ipv6-internet-protocol-version-6/icmpv6-internet-control-message-protocol-for-ipv6 Just one of several areas where you need to unlearn what you learned about IPv4. ------------------------------------------------------------------------------ Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
