Your message dated Mon, 28 Jan 2019 23:03:44 +0100 with message-id <7147a5073df6fa526a2afa40d21e9f0a251b54cd.ca...@g-e-u-e-r.de> and subject line Re: Bug#684920: tried to just do NAT, blocks protocol 41 has caused the Debian Bug report #684920, regarding tried to just do NAT, blocks protocol 41 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 684920: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684920 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: arno-iptables-firewall Version: 1.9.2.k-4 With the ipmasq package gone the way of the dodo, I needed NAT functionality on a computer w/ a first-class IPv4 address to run an iodine server on that host. That host already had IPv6 connectivity using the auto6to4 package (in experimental) which sets up a standard 6to4 tunnel to the standard IPv4 anycast address, which uses IPv4 protocol 41 packets. (Note, *protocol* 41, not port 41.) Installing arno-iptables-firewall and configuring it for NAT functionality and *nothing else* blocked the IPv4 protocol 41 packets and thus killed the 6to4 tunnel. When I tried the miredo package instead, that was also broken, for similar reasons. It would be nice if arno-iptables-firewall had a "NAT and no blocking" option, so it could be used as a plug-in replacement for ipmasq, and would be guaranteed not to mess up IPv6 connectivity via IPv4 tunnels. Or at least, if there were documentation. (Of course, this was on a "stable" machine running an old version. If this is fixed in more recent versions --- it doesn't seem to be judging from just changelog entries --- my apologies.) --Barak. -- Barak A. Pearlmutter Hamilton Institute & Dept Comp Sci, NUI Maynooth, Co. Kildare, Ireland http://www.bcl.hamilton.ie/~barak/
--- End Message ---
--- Begin Message ---Tags: wontfix Hello Barak, On Wed, 22 Aug 2012 11:59:41 +0100 "Barak A. Pearlmutter" < ba...@cs.nuim.ie> wrote: > Okay, will check it out. > > But, could I ask you for precise instructions for installation? > What I want is: "set up NAT for private address blocks, and touch > nothing else", and I'm not sure how to express this with an > ipv6-over-ipv4 plugin. > > (I want the NAT in order to route addresses allocated by an iodine > server running on the machine, which grants its IP-over-DNS clients > addresses of the form 192.168.x.x.) > > --Barak. > > This doesn't look like a bug to me but like a discussion on how to configure the firewall to serve a specific purpose. Maybe you solved this issue with Arno's help back in 2012? Please feel free to open a new bug in case you still think there's really a bug with what you encountered in a more current version of arno-iptables-firewall. Regards, Sven
--- End Message ---
