Mailinglist Archive: opensuse-security (228 mails)

< Previous Next >
Re: [suse-security] Enable IPv6 support for SuSEfirewall2
  • From: Arjen Runsink <arjen@xxxxxxxxxxx>
  • Date: Thu, 3 Mar 2005 15:23:30 +0100
  • Message-id: <200503031523.30571.arjen@xxxxxxxxxxx>
On Thursday, 3 March 2005 13:24, Ludwig Nussel wrote:
> Arjen Runsink wrote:
> >
> > FW_IPv6="yes"
> >
> > or to anything else then "no", "drop" or "reject"
> SuSEfirwewall2 is supposed to automatically detect whether IPv6
> support is available if FW_IPv6 is empty (which is the default).
> Does that not work for you? Did you maybe update from some older
> version and therefore have old comments in
> /etc/sysconfig/SuSEfirewall2?

Yes I did update (9.2+you), found a .rpmnew version and migrated my settings
to it. Did not see a comment regarding that.
> You can find SuSEfirewall2 beta versions in people/lnussel on the
> ftp server btw. I changed the way interfaces are detected so v6-only
> interfaces should work as well now. Feedback welcome.

Ok I will try your latest version. Btw ip6t_REJECT does not seem to work. I
have been fiddling with this this moring.
As a quick test:

ip6tables -I INPUT -p tcp --dport 113 -i lo -j REJECT --reject-with tcp-reset
telnet ::1 113

telnet will timeout instead of stopping immediately

I guess that since this is not even in 2.6.11 (pristine) this is only in the
suse kernel. I have not looked at the modules' source yet.

BB, Arjen

< Previous Next >