Hello All, Does SuSEfirewall work with ip6, if not will it anytime soon? When entering IP6 addrs in vars like FW_TRUSTED_NETS in /etc/sysconfig/SuSEfirewall2 i get error messages on firewall startup saying iptables does not recognize them.Also when I ping the ip6 localhost with firewall running I get bivus@localhost:~> ping6 ::1 PING ::1(::1) 56 data bytes ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ... When the firewall is not running ping6 works ok.What can I do about this ? Ivan Yosifov.
On Fri, Apr 09, 2004 at 03:10:04PM +0300, Ivan Yosifov wrote:
Hello All,
Does SuSEfirewall work with ip6, if not will it anytime soon? When entering
No, it does currently not work with IPv6. It will do that as soon as anyone implements this. Robert -- Robert Schiele Tel.: +49-621-181-2517 Dipl.-Wirtsch.informatiker mailto:rschiele@uni-mannheim.de
Hello Ivan, there are some scripts for netfilter/iptables like the SuSEfirewall on the net, have a look at www.shorewall.net , which at *least* supports IPv6 tunnels through IPv4 nets: http://shorewall.net/6to4.htm Maybe this is enough for your setup ? Regards from Germany, Philipp Ivan Yosifov schrieb:
Hello All,
Does SuSEfirewall work with ip6, if not will it anytime soon? When entering IP6 addrs in vars like FW_TRUSTED_NETS in /etc/sysconfig/SuSEfirewall2 i get error messages on firewall startup saying iptables does not recognize them.Also when I ping the ip6 localhost with firewall running I get bivus@localhost:~> ping6 ::1 PING ::1(::1) 56 data bytes ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ... When the firewall is not running ping6 works ok.What can I do about this ?
Ivan Yosifov.
Hello All, Thanks for the help, I shall investigate this options.My immediate problem was that SuSEfirewall apart form configuring ip4tables with sensible rules , creates an empty ip6table with no rules and rejecting everything by default.I am a Java developer and the Java debugger appears to use IPv6, so this is a problem.I solved this problem by editting the SuSEfirewall scrip , setting IP6TABLES to false wich effectively leaves the IPv6 completely unprotected , yet still usefull.This is certainly a pretty ugly solution.I hope SuSE add IPv6 support or ship a IPv6-enabled firewall in SuSE 9.1 :) Thanks for the info. Ivan Yosifov. On Friday 09 April 2004 19:11, Philipp Rusch wrote:
Hello Ivan, there are some scripts for netfilter/iptables like the SuSEfirewall on the net, have a look at www.shorewall.net , which at *least* supports IPv6 tunnels through IPv4 nets: http://shorewall.net/6to4.htm Maybe this is enough for your setup ?
Regards from Germany, Philipp
Ivan Yosifov schrieb:
Hello All,
Does SuSEfirewall work with ip6, if not will it anytime soon? When entering IP6 addrs in vars like FW_TRUSTED_NETS in /etc/sysconfig/SuSEfirewall2 i get error messages on firewall startup saying iptables does not recognize them.Also when I ping the ip6 localhost with firewall running I get bivus@localhost:~> ping6 ::1 PING ::1(::1) 56 data bytes ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ... When the firewall is not running ping6 works ok.What can I do about this ?
Ivan Yosifov.
participants (3)
-
Ivan Yosifov
-
Philipp Rusch
-
Robert Schiele