Jeroen van Wolffelaar wrote:
> Package: shorewall
> Version: 2.2.3-2
> ...
> The default shorewall config says:
> 
> | # Setting DISABLE_IPV6=Yes will cause Shorewall to disable IPV6 traffic
> | # to/from and through your firewall system. This requires that you have
> | # ip6tables installed.
> | DISABLE_IPV6=No
> 
> However, it lacks a strong warning that it'll *drop* ipv6 traffic (or so it
> seems), causing timeouts (that take long), instead of immediate
> 'unrouteable' or some such errors (or just working connection for
> localhost). Also, there doesn't seem to be any direct way to log the
> reject/drops from it, so you won't easily see what exactly is going on
> anyway.
> ...

Note that in Shorewall 3.0.4, the behaviour is changed somewhat.  From
the release notes:

> ...
> 2)  DISABLE_IPV6 no longer disabled local (loopback) IPV6 traffic. This
>     change is reported to improve Java startup time on some distributions.
> ...

-- 
Paul
<http://paulgear.webhop.net>
--
Did you know?  Many viruses specifically target Microsoft Outlook and
Outlook Express.  You can help to keep your computer free of viruses by
using one of the more secure alternatives from <http://mozilla.org>.

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to