On Fri, Jun 08, 2012 at 12:56:23PM -0700, Owen DeLong <o...@delong.com> wrote a message of 28 lines which said:
> IPv6 should be a simple matter of putting the same line in your > ip6tables file. My experience with attack mitigation is that tools do not always work as advertised and sometimes do bad things (such as crashing the machine). So, I agree, it "should be a simple matter" but I prefer to test first. [For instance, my IPv4 rule required a maximum of 2^28 buckets in memory while an IPv6 rule with --hashlimit-srcmask 64 would require a maximum of 2^64 buckets... What will be the effect on the system memory?]