Mailinglist Archive: opensuse (933 mails)

< Previous Next >
Re: [opensuse] IPv6 firewall
  • From: James Knott <james.knott@xxxxxxxxxx>
  • Date: Fri, 04 Jun 2010 16:36:31 -0400
  • Message-id: <4C0963CF.2060304@xxxxxxxxxx>
Marcus Meissner wrote:
On Fri, Jun 04, 2010 at 07:00:28AM -0400, Adam Tauno Williams wrote:
On Thu, 2010-06-03 at 10:25 -0400, James Knott wrote:
I have been using SuSEfirewall2 for several years with IPv4. However,
IIRC, it doesn't work with IPv6, which I have recently started using.
What firewalls work with IPv6?
SuSEfirewall2 supports IPv6 btw.

What is missing?

Ciao, Marcus
Well, for starters, how to configure the interface. I use a tunnel "sit1" to connect to the tunnel broker. I don't see that interface available in the Yast firewall configuration, even though "tun0", which I use for OpenVPN is there.

BTW, I went to a coffee shop hotspot and ran nmap againt the IPv6 address of my firewall and also against a computer behind the firewall, reachable via IPv6 address. Nmap couldn't find anything with the firewall IPv6 address, but showed ssh open for IPv4, and I can ssh to it via IPv6. The computer behind the firewall showed several ports open and I could connect to it via ssh and also use samba file sharing. Fortunately, port scanning IPv6 addresses is a huge, virtually impossible job, because of all the possible addresses. In the end, I only want the IPv6 firewall to pass ssh and imaps. The IPv4 firewall interface also has to pass OpenVPN and the IP protocol 41 6to4 tunnel.
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups