On Sat, May 09, 2015 at 08:06:39AM +0300, Andrei Borzenkov wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
В Fri, 08 May 2015 22:56:59 +0200 "Carlos E. R." <robin.listas@telefonica.net> пишет:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-05-08 22:39, James Knott wrote:
On 05/08/2015 03:31 PM, Carlos E. R. wrote:
It looks like it's choking on the link local address. You normally filter on a regular IPv6 address. One big difference is that it knows what network a regular address is on, but not with a link local address.
It is my HP printer address, I found out. Maybe I could set it up to a regular address :-? [...] No. The web control page allows to define the IPv4 address, but not the IPv6 one. [...] Just looked at the printer physical panel, and it is not possible to configure IPv6, just allow or disallow services.
So... how can I tell my computer to accept those packets, without opening it to the world?
FW_TRUSTED_NETS appears to be IPv4 only (as other configuration variables). As far as I can tell there is only support for basic generic rules for IPv6. You probably need to use custom functions and call ip6tables directly.
Hi, Yes, FW_TRUSTED_NETS is v4 only. But you could add a rule allowing port 5353 UDP, although not network limited. FW_SERVICES_EXT_UDP="5353" Ciao, Marcus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org