On 2016-02-09 01:19, Tom Eastep wrote:
> On 02/08/2016 10:28 AM, Benny Pedersen wrote:
>> On 2016-02-08 17:56, Tom Eastep wrote:
>>>> (slaac workaround)
>>> Same as it is in Shorewall (ipv4) - with an entry in
>>> /etc/shorewall6/masq:
>>> <interface> ::/0 your_ipv6_address tcp 43
> Thanks for the confirmation, Benny.
i got the problem solved with could be solved in linode.com staff to
just use one single /64, split it to 2 /96 so the first /32 part it for
slaac and the remaining is for the user, that way even if users use
slaac without snat it will still be in the same /64 with is for spamhaus
one single user
as linode now have it there is a /64 for slaac, and another /64 for user
ipv6, waste of ips, and it does imho not need to be that complicated
> To complete this thread, the SOURCE column can be left empty ("-") - it
> isn't necessary to specify ::/0.
so if i change it:
<interface> - your_ipv6_address tcp -
it will snat all ports ?, rationaly why limit snat to whois ?
is portrange 0-65535 better ?
thanks for shorewall, without it i would not had a firewall at all
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
