Hans Witvliet wrote: > On Mon, 2006-11-27 at 18:04 +0100, Lukas Ocilka wrote: >> Pascal Bleser wrote: >>>> What do you think ? >>> I'd rather vote for enhancing the firewall module ;) >>> FTP server isn't a bad idea though, help about that is asked now and >>> then on #suse (IRC). >> I have plans (and features) to enhance the firewall module in 10.3 but >> it would be nice to hear what exactly users need. >> > > IPv6
We have these features available for IPv6 in /etc/sysconfig/SuSEfirewall2: FW_IPv6 (no,drop,reject) # What to do with IPv6 Packets? FW_IPv6_REJECT_OUTGOING (yes,no) # Reject outgoing IPv6 Packets? These rules should also work for IPv6 if state matching is available: FW_SERVICES_*_TCP FW_SERVICES_*_UDP FW_SERVICES_*_IP FW_SERVICES_*_RPC But SuSEfirewall2 on my 10.2 says: Warning: ip6tables does not support state matching. Extended IPv6 support disabled. Whence it follows that there are two issues: 1.) Enable state matching in ip6tables (maybe simple) 2.) Add handling for those two variables into yast2-firewall UI L.
signature.asc
Description: OpenPGP digital signature
