On 01/09/2011 05:22 PM, James Knott wrote:
I use a 6in4 tunnel to obtain IPv6 access. It uses sit1 as the tunnel interface. I have configured the firewall to have sit1 in the external zone. Today, I tried running nmap to my firewall, on both IPv4 and IPv6.
Here is the results of the IPv4 scan:
PORT STATE SERVICE 22/tcp open ssh 993/tcp open imaps
And IPv6:
PORT STATE SERVICE 7/tcp open echo 9/tcp open discard 13/tcp open daytime 19/tcp open chargen 22/tcp open ssh 37/tcp open time 80/tcp open http 139/tcp open netbios-ssn 143/tcp open imap 445/tcp open microsoft-ds 993/tcp open imaps
As you can see, there is a significant difference. The IPv4 scan shows exactly what I expected. However, IPv6 shows several other ports open, which are not supposed to be allowed by the firewall. Does the firewall in OpenSUSE 11.3 not properly filter these common protocols on IPv6. Also, I see no diference whether I scan the firewall or a computer behind the firewall on IPv6. Is there a more suitable firewall that I should be using?
Can you post your /etc/sysconfig/SuSEfirewall2 config maybe that can help Togan -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org