Hi All, I am trying to use shorewall6 to DROP/REJECT TCP/IPv6 traffic. I am running shorewall6 4.4.26.1 with one interface configuration on Ubuntu 12.04. What I found was that DROP works correctly, but REJECT does not.
I have the following in /etc/shorewall6/policy #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST $FW net REJECT net $FW DROP info net all DROP info # The FOLLOWING POLICY MUST BE LAST all all REJECT info Then when I try to TCP connect to a host, I don't get the connection refused immediately as shorewall does for TCP/IPv4. But the connection is trying until it is timed out later. Does anybody have any idea why I am getting this and how I make REJECT work as expected for TCP/IPv6. Your help is highly appreciated. Bin ------------------------------------------------------------------------------ How fast is your code? 3 out of 4 devs don\\\'t know how their code performs in production. Find out how slow your code is with AppDynamics Lite. http://ad.doubleclick.net/clk;262219672;13503038;z? http://info.appdynamics.com/FreeJavaPerformanceDownload.html _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
