* Sam Morris <[EMAIL PROTECTED]>: > Package: shorewall > Version: 2.2.3-2 > Severity: important > > Shorewall doesn't seem to disable IPv6 during bootup. I have > DISABLE_IPV6=Yes set in /etc/shorewall/shorewall.conf, and yet, after a > reboot: > > $ sudo ip6tables --list > Password: > Chain INPUT (policy ACCEPT) > target prot opt source destination > > Chain FORWARD (policy ACCEPT) > target prot opt source destination > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > $ sudo /etc/init.d/shorewall restart > Restarting "Shorewall firewall": done. > $ sudo ip6tables --list > Chain INPUT (policy DROP) > target prot opt source destination > > Chain FORWARD (policy DROP) > target prot opt source destination > > Chain OUTPUT (policy DROP) > target prot opt source destination
Hello, thank you for your report. I tried to reproduce the bug: $ sudo shorewall stop $ sudo iptables -P INPUT ACCEPT $ sudo iptables -P OUTPUT ACCEPT $ sudo iptables -P FORWARD ACCEPT $ sudo iptables -F $ sudo ip6tables -P INPUT ACCEPT $ sudo ip6tables -P OUTPUT ACCEPT $ sudo ip6tables -P FORWARD ACCEPT $ sudo ip6tables -F $ sudo shorewall start ... ... $ sudo ip6tables -L Chain INPUT (policy DROP) target prot opt source destination Chain FORWARD (policy DROP) target prot opt source destination Chain OUTPUT (policy DROP) target prot opt source destination but, as you can see, on my own system ipv6 seems to be disabled correctly. What happens on your system if you clear all firewall rules and policies and then issue a "shorewall start"? -- lorenzo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
