Shorewall users - Aug 2003 - Does anybody have experience with IPv6

I had to switch back again to Monmotha, since IPv6 is not working anymore.

I would like to talk to somebody who has set up IPv6 and not bother too 
much the list with this details, which are often goes beyond of the 
firewall problem.

bye

Ronald

-- 
Ronald Wiplinger  (CEO of ELMIT)
http://www.elmit.com    +886 (0) 915 653-452
- I''m a SpamCon Foundation Member, #694, Verify it at
http://www.spamcon.org


PS: Spam prevention!
Our system is protected with a spam prevention program. 
If you send us an e-mail, our system will send you a confirmation message back.
Just reply to this confirmation message please.
After receiving this confirmation message, our system will send the hold message
(one) and all future messages (after the received confirmation message) to me
without asking you again.

On Thu, 2003-08-28 at 03:07, Ronald Wiplinger wrote:
> I had to switch back again to Monmotha, since IPv6 is not working anymore.
> 
You pass IPv6 through a Shorewall firewall with rules that specify
protocol 41.

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

Tom Eastep wrote:
>On Thu, 2003-08-28 at 03:07, Ronald Wiplinger wrote:
>  
>
>>I had to switch back again to Monmotha, since IPv6 is not working
anymore.
>>
>>    
>>
>
>You pass IPv6 through a Shorewall firewall with rules that specify
>protocol 41.
>
>-Tom
>  
>
I did both ports:

#
#	Accept IPv6 tunnel protocol connections
#
ACCEPT		net		fw		tcp	41
ACCEPT		net		fw		tcp	4343

but you are right there is something missing from the fw to the loc.
How can I do this best?

Could it be done that way:

ACCEPT		all		all		tcp	41
ACCEPT		all		all		tcp	4343

???

Can I use "all all"  ? or do I need "net fw" & "fw
loc" & "loc fw" & "fw
net" ???

bye

Ronald

-- 
Ronald Wiplinger  (CEO of ELMIT)
http://www.elmit.com    +886 (0) 915 653-452
- I''m a SpamCon Foundation Member, #694, Verify it at
http://www.spamcon.org


PS: Spam prevention!
Our system is protected with a spam prevention program. 
If you send us an e-mail, our system will send you a confirmation message back.
Just reply to this confirmation message please.
After receiving this confirmation message, our system will send the hold message
(one) and all future messages (after the received confirmation message) to me
without asking you again.

On Thu, 2003-08-28 at 09:00, Ronald Wiplinger wrote:
> Tom Eastep wrote:
> 
> >On Thu, 2003-08-28 at 03:07, Ronald Wiplinger wrote:
> >  
> >
> >>I had to switch back again to Monmotha, since IPv6 is not working
anymore.
> >>
> >>    
> >>
> >
> >You pass IPv6 through a Shorewall firewall with rules that specify
> >protocol 41.
> >
> >-Tom
> >  
> >
> I did both ports:
> 
> #
> #	Accept IPv6 tunnel protocol connections
> #
> ACCEPT		net		fw		tcp	41
> ACCEPT		net		fw		tcp	4343
> 
> but you are right there is something missing from the fw to the loc.
> How can I do this best?
> 
> Could it be done that way:
> 
> ACCEPT		all		all		tcp	41
> ACCEPT		all		all		tcp	4343
> 
> ???
> 
> Can I use "all all"  ? or do I need "net fw" &
"fw loc" & "loc fw" & "fw
> net" ???
> 
*PROTOCOL* 41, NOT *PORT* 41

ACCEPT	all	all	41

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

[This email is either empty or too large to be displayed at this time]