Andre Vanha
Thu, 08 Sep 2005 13:40:57 -0700
Lionel Elie Mamane wrote:
True, I was hoping to see it in the 6.13 kernel, but it still isn't there yet. Does anyone have any idea when it might get put in? I've researched it, and it appears that there is an effort to rewrite the stateful filtering framework to make it more modular so the same code could be used for IPv4, IPv6 and other protocols. I think that's great, but IPv6 has been around for a long time now, and anything, even a temporary port of the IPv4 code would be better than nothing.On Wed, Sep 07, 2005 at 07:22:19PM +1200, Lee Begg wrote:On Wed, 07 Sep 2005 17:35, [EMAIL PROTECTED] wrote:For example: If you used iptables to block all sorts of ports, but you still had ipv6 enabled on a nic, could those ports still be accessed via an ipv6 travelling packet?Yes, but only if you have a "real" ipv6 address on that nic (ie, site or global address). To block the ports for ipv6, use the same commands using ip6tables instead of iptables - it should be that easy.Should, but isn't. There's no stateful filtering yet.
Andre -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]