Hello, Do I need to enable any flags in the kernel ? I see *nf_reject_ipv4 module and I did not see that for ipv6.*
root@a48c0842-1c54-8659-7c7a-8d64480bc164:~# lsmod | grep ipv4 *nf_reject_ipv4 16384 1 ipt_REJECT* nf_log_ipv4 16384 3 nf_log_common 16384 2 nf_log_ipv4,nf_log_ipv6 nf_defrag_ipv4 16384 1 nf_conntrack root@a48c0842-1c54-8659-7c7a-8d64480bc164:~# lsmod | grep ipv6 nf_log_ipv6 16384 0 nf_log_common 16384 2 nf_log_ipv4,nf_log_ipv6 nf_defrag_ipv6 16384 1 nf_conntrack Thanks, Nag On Thu, Dec 9, 2021 at 2:26 PM Tuomo Soini <t...@foobar.fi> wrote: > On Wed, 8 Dec 2021 19:35:57 +0530 > Nagarjun J <1nagarj...@gmail.com> wrote: > > Regexp issues need to be addresses but those are /not/ error. > > > *ip6tables-restore v1.8.3 (legacy): unknown option > > "--reject-with"Error occurred at line: 110Try `ip6tables-restore -h' > > or 'ip6tables-restore --help' for more information. ERROR: > > iptables-restore Failed. Input is in* > > This is your error. For some reason ip6tables-restore doesn't understand > what you have defined for proxyndp. > > Why do you need proxyndp? Any isp should give you network which > is bigger than /64 so you can just do routing and don't need to do > proxyndp. Giving single network would be violation of rfcs, everybody > need proper IPv6 block from their isp, like /60 at minimum (16 > networks) or /56 (256 networks). > > -- > Tuomo Soini <t...@foobar.fi> > Foobar Linux services > +358 40 5240030 > Foobar Oy <https://foobar.fi/> > > > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users