On Mon, 01 Nov 2004 16:33:52 +1300, Volker Kuhlmann <[EMAIL PROTECTED]> wrote: > > > install net-pf-10 /bin/true > > > > This doesn't seem to disable ipv6 for me. > > By itself no, you'll have to reboot.
I added this to /etc/modprobe.conf install ipv6 /bin/true and rebooted. This got rid of IPv6, but hasn't solved my DNS resolution problems. The line you quoted Volker was for SuSE 9.0, but thanks anyway. > > I haven't setup the firewall on SuSE yet, and there is no firewall on > > the DNS servers. > > I'm only talking about the host hylafax, the others don't have a > problem. SuSEfirewall2 runs by default with (about) all incoming > blocked. The default also logs dropped ipv6 packets, which in turn > forces the ipv6 modules to be loaded. As I said, you'll need to disable > that (or remove the firewall from the runlevel and reboot). To disable, > inspect variables starting with FW_IPv6_ in /etc/sysconfig/SuSEfirewall2. The runlevel editor shows that SuSEfirewall2 isn't starting up. I have configured it and then stopped it just in case. Here is what I have got. It should all be the defaults because I haven't changed anything. FW_QUICKMODE="no" FW_DEV_EXT="auto" FW_DEV_INT="" FW_DEV_DMZ="" FW_ROUTE="no" FW_MASQUERADE="no" FW_MASQ_DEV="$FW_DEV_EXT" FW_MASQ_NETS="" FW_PROTECT_FROM_INTERNAL="no" FW_AUTOPROTECT_SERVICES="no" FW_SERVICES_EXT_TCP="" FW_SERVICES_EXT_UDP="" FW_SERVICES_EXT_IP="" FW_SERVICES_EXT_RPC="" FW_SERVICES_DMZ_TCP="" FW_SERVICES_DMZ_UDP="" FW_SERVICES_DMZ_IP="" FW_SERVICES_DMZ_RPC="" FW_SERVICES_INT_TCP="" FW_SERVICES_INT_UDP="" FW_SERVICES_INT_IP="" FW_SERVICES_INT_RPC="" FW_SERVICES_QUICK_TCP="" FW_SERVICES_QUICK_UDP="" FW_SERVICES_QUICK_IP="" FW_TRUSTED_NETS="" FW_ALLOW_INCOMING_HIGHPORTS_TCP="no" FW_ALLOW_INCOMING_HIGHPORTS_UDP="DNS" FW_SERVICE_AUTODETECT="yes" FW_SERVICE_DNS="no" FW_SERVICE_DHCLIENT="no" FW_SERVICE_DHCPD="no" FW_SERVICE_SQUID="no" FW_SERVICE_SAMBA="no" FW_FORWARD="" FW_FORWARD_MASQ="" FW_REDIRECT="" FW_LOG_DROP_CRIT="yes" FW_LOG_DROP_ALL="yes" FW_LOG_ACCEPT_CRIT="yes" FW_LOG_ACCEPT_ALL="no" FW_LOG="" FW_KERNEL_SECURITY="yes" FW_ANTISPOOF="no" FW_STOP_KEEP_ROUTING_STATE="no" FW_ALLOW_PING_FW="yes" FW_ALLOW_PING_DMZ="no" FW_ALLOW_PING_EXT="no" FW_ALLOW_FW_TRACEROUTE="no" FW_ALLOW_FW_SOURCEQUENCH="yes" FW_ALLOW_FW_BROADCAST="int" FW_IGNORE_FW_BROADCAST="no" FW_ALLOW_CLASS_ROUTING="no" FW_CUSTOMRULES="" FW_REJECT="no" FW_HTB_TUNE_DEV="" FW_IPv6="" FW_IPv6_REJECT_OUTGOING="yes" FW_IPSEC_TRUST="no" FW_IPSEC_MARK="" I assume that with IPv6 being disabled now, that the FW_IPv6 stuff is no longer relevant. > > I don't have rcnscd on this box anywhere. What is it supposed to do? > > nscd is the name service caching daemon. It gets installed and started > by default. I guess it doesn't get installed on a minimal install. Maybe I should install it? -- Later David Kirk
