[Shorewall-users] Problem about IPv6 MulitiISP

Prachachart Stapornnanon Fri, 08 Mar 2013 03:16:50 -0800

Good Afternoon


I use shorewall to do multi ISP both IPv4 and IPv6 

 

About IPv4(shorewall) is no problem 

 

but ipv6(shorewall6) has problem can't start when i write config  in
/etc/shorewall6/providers 

 

Spite of is really close config

 

I use centos 6.3 - kernel 2.6.32-279.el6.i686  -  iptables 1.4.7-5.1   -
shorewall & shorewall6 version 4.5.11.2

 

Thank you for your help ^_^

 

At Iast i attach some involved config file below

 

 

 

/etc/shorewall6/interfaces

 

>>#ZONE             INTERFACE          OPTIONS

>>net     eth0            tcpflags,forward=1,sourceroute=0

>>net     eth2            tcpflags,forward=1,sourceroute=0

>>loc      eth1            tcpflags,forward=1

 

 

 

/etc/shorewall6/providers

 

>>#NAME           NUMBER             MARK   DUPLICATE         INTERFACE
GATEWAY                           OPTIONS                             COPY

>>ISP1  1              1              main              eth0
1:1:1:1::1            track     none

 

 

Some trace about shorewall6 can't start

 

>>Compiling...

>>Processing /etc/shorewall6/params ...

>>Processing /etc/shorewall6/shorewall6.conf...

>>Loading Modules...

>>Compiling /etc/shorewall6/zones...

>>Compiling /etc/shorewall6/interfaces...

>>Determining Hosts in Zones...

>>Locating Action Files...

>>Compiling /usr/share/shorewall6/action.Drop for chain Drop...

>>Compiling /usr/share/shorewall6/action.AllowICMPs for chain AllowICMPs...

>>Compiling /usr/share/shorewall6/action.Broadcast for chain Broadcast...

>>Compiling /usr/share/shorewall/action.Invalid for chain Invalid...

>>Compiling /usr/share/shorewall/action.NotSyn for chain NotSyn...

>>Compiling /usr/share/shorewall6/action.Reject for chain Reject...

>>Compiling /etc/shorewall6/policy...

>>Compiling TCP Flags filtering...

>>Compiling Accept Source Routing...

>>Compiling /etc/shorewall6/providers...

>>Compiling MAC Filtration -- Phase 1...

>>Compiling /etc/shorewall6/rules...

>>Compiling MAC Filtration -- Phase 2...

>>Applying Policies...

>>Generating Rule Matrix...

>>Optimizing Ruleset...

>>Creating ip6tables-restore input...

>>Compiling Interface forwarding...

>>Shorewall configuration compiled to /var/lib/shorewall6/.start

>>Starting Shorewall6....

>>Initializing...

>>Processing /etc/shorewall6/init ...

>>Processing /etc/shorewall6/tcclear ...

>>Setting up Accept Source Routing...

>>Setting up Proxy NDP...

>>Adding Providers...

>>RTNETLINK answers: Invalid argument

>>   ERROR: Command "ip -6 route add default via 1:1:1:1::1 src 1:1:1:1::2
dev eth0 table 1" Failed

>>Processing /etc/shorewall6/stop ...

>>Processing /etc/shorewall6/tcclear ...

>>Running /sbin/ip6tables-restore...

>>IPv6 Forwarding Enabled

>>Processing /etc/shorewall6/stopped ...

>>/usr/share/shorewall/lib.common: line 112:  5876 Terminated
$SHOREWALL_SHELL $script $options $@

------------------------------------------------------------------------------
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester  
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the  
endpoint security space. For insight on selecting the right partner to 
tackle endpoint security challenges, access the full report. 
http://p.sf.net/sfu/symantec-dev2dev

_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

[Shorewall-users] Problem about IPv6 MulitiISP

Reply via email to