Peli wrote:
On Mon, 18 Oct 2004 11:21:14 +0200 Ludwig Nussel <xxxxxxxx@yyyy.zz> wrote:
Peli wrote:
I thought, that everything is just OK with my ip6 settings under my SUSE 9.1, but very recently my firewall started to complain concerning "ip6table_mangle":
Sep 21 21:47:32 khazad-dum kernel: ip6_tables: (C) 2000-2002 Netfilter core team Sep 21 21:47:32 khazad-dum kernel: ip_tables: (C) 2000-2002 Netfilter core team Sep 21 21:47:32 khazad-dum kernel: ip_conntrack version 2.1 (4091 buckets, 32728 max) - 300 bytes per conntrack Sep 21 21:47:32 khazad-dum kernel: ip6table_filter: Unknown parameter `ip6table_mangle' [...] Could you please suggest me a way how to block ipv6 completely, but avoid the above mentioned error message in the same time?! Do I actually need ip6_tables to be loaded?!
Set FW_IPv6=no if you don't want any IPv6 packet filtering. [...] I did as you suggested: simply defined FW_IPv6=no under YAST, but even after a restart the known error-message is still there:(
The message is harmless. SuSEfirewall2 loads ip6table_filter and ip6table_mangle even if you set IPv6=no. It doesn't generate any rules though so it doesn't harm. If the messages really disturb you, you can uncomment the modprobe line in /sbin/SuSEfirewall2.
I also tried to modify the firewall settings, and put not "ppp0 eth-id-00:c0:9f:3b:7c:d0", but "ppp0 eth0" there as external interface, without any recognizable effect:(
Of course. That has nothing to do with ipv6. cu Ludwig -- (o_ Ludwig Nussel //\ SUSE LINUX AG, Development V_/_ http://www.suse.de/