Togan Muftuoglu wrote:
On 01/19/2011 02:27 PM, James Knott wrote:
# http://en.opensuse.org/Packaging/SUSE_Package_Conventions/Sysconfig # It's generally a good idea to avoid using shell variable # substitution (foo="$bar") and multi line values.
Togan
I tried that and it completely killed my IPv6 connection. Nmap shows all ports closed and I can't even ping ipv6.google.com. So, it appears that "\" is necessary for IPv6 to work.
Himm, Ok could you send the output of to make sure you have ip6 forwarding turned on
grep IPV6_FORWARD /etc/sysconfig/sysctl (this should be yes)
and
for i in /proc/sys/net/ipv6/conf/* ; do cat $i/forwarding;done
you should see 1 if this box is doing ipv6 forwarding
Togan
It is turned on and has been working for months. It was that change to Susefirewall2, by removing the "\" that caused it to fail. Restoring it enabled IPv6 to work again. Also, an example in Susefirewall2 shows that character in use. "## Type: string # # Which services or networks are allowed to be routed through the # firewall, no matter which zone they are in? # Requires: FW_ROUTE # # With this option you may allow access to e.g. your mailserver. The # machines must have valid, non-private, IP addresses which were # assigned to you by your ISP. This opens a direct link to the # specified network, so please think twice befor using this option! # # Format: space separated list of # <source network>,<destination network>[,protocol[,destination port[,flags] ]] # # If the protocol is icmp then port is interpreted as icmp type # # The only flag currently supported is 'ipsec' which means to only # match packets that originate from an IPsec tunnel # Examples: - "1.1.1.1,2.2.2.2" allow the host 1.1.1.1 to access any # service on the host 2.2.2.2 # - "3.3.3.3/16,4.4.4.4/24" allow the network 3.3.3.3/16 # to access any service in the network 4.4.4.4/24 # - "5.5.5.5,6.6.6.6,igmp" allow routing of IGMP messages # from 5.5.5.5 to 6.6.6.6 # - "0/0,0/0,udp,514" always permit udp port 514 to pass # the firewall # - "192.168.1.0/24,10.10.0.0/16,,,ipsec \ # 10.10.0.0/16,192.168.1.0/24,,,ipsec" permit traffic # from 192.168.1.0/24 to 10.10.0.0/16 and vice versa # provided that both networks are connected via an # IPsec tunnel. # - "fd76:9dbb:91a3:1::/64,fd76:9dbb:91a3:4::/64,tcp,ssh" # allow ssh from one IPv6 network to another" In the above example, the \ is part of the line that permits traffic to flow in both directions from the IPSec VPN. The sit0 tunnel behaves just like a vpn. Bottom line, that "\" character is required for my IPv6 connection, via 6in4 tunnelling, to work. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org