Re: ip6tables rule being rejected.

gt; different: > > https://linux.die.net/man/8/ip6tables If you prefer reading manpages on the web you might want to use https://manpages.debian.org. That way you are looking at the manpage corresponding to your specific software and version[1]. It can be also be added as an alternative search

Re: ip6tables rule being rejected.

On Sun, 10 Oct 2021, Reco wrote: On Sun, Oct 10, 2021 at 12:06:25PM +0100, Tim Woodall wrote: When I try to add the following rule: # ip6tables -t nat -A POSTROUTING -s 2001::/64 -d ! 2001:1::/64 -j ACCEPT Bad argument `2001:1::/64' Try `ip6tables -h' or 'ip6tables -

Re: ip6tables rule being rejected.

Hi. On Sun, Oct 10, 2021 at 12:06:25PM +0100, Tim Woodall wrote: > When I try to add the following rule: > > # ip6tables -t nat -A POSTROUTING -s 2001::/64 -d ! 2001:1::/64 -j ACCEPT > Bad argument `2001:1::/64' > Try `ip6tables -h' or 'ip6tables --help

Re: ip6tables rule being rejected.

10.10.21, 13:06 +0200, Tim Woodall: When I try to add the following rule: # ip6tables -t nat -A POSTROUTING -s 2001::/64 -d ! 2001:1::/64 -j ACCEPT Bad argument `2001:1::/64' Try `ip6tables -h' or 'ip6tables --help' for more information. It is rejected. (Ignore the fact th

ip6tables rule being rejected.

Hi, When I try to add the following rule: # ip6tables -t nat -A POSTROUTING -s 2001::/64 -d ! 2001:1::/64 -j ACCEPT Bad argument `2001:1::/64' Try `ip6tables -h' or 'ip6tables --help' for more information. It is rejected. (Ignore the fact that this rule doesn't ma

Re: ip6tables: unexpected behaviour ?

Hello list, On 24/07/14 22:17, Jochen Spieker wrote: > Jerome BENOIT: >> >> On 24/07/14 21:48, Erwan David wrote: >>> Le 24/07/2014 21:43, Jerome BENOIT a écrit : >>>> Hello List, >>>> >>>> I am building an IPv6 firewall: I get the m

Re: ip6tables: unexpected behaviour ?

Hello Again, On 24/07/14 22:17, Jochen Spieker wrote: > Jerome BENOIT: >> >> On 24/07/14 21:48, Erwan David wrote: >>> Le 24/07/2014 21:43, Jerome BENOIT a écrit : >>>> Hello List, >>>> >>>> I am building an IPv6 firewall: I get the m

Re: ip6tables: unexpected behaviour ?

Jerome BENOIT: > > On 24/07/14 21:48, Erwan David wrote: >> Le 24/07/2014 21:43, Jerome BENOIT a écrit : >>> Hello List, >>> >>> I am building an IPv6 firewall: I get the message >>> >>> ip6tables v1.4.14: host/network `172.20.0.1'

Re: ip6tables: unexpected behaviour ?

On 24/07/14 21:48, Erwan David wrote: > Le 24/07/2014 21:43, Jerome BENOIT a écrit : >> Hello List, >> >> I am building an IPv6 firewall: I get the message >> >> ip6tables v1.4.14: host/network `172.20.0.1' not found >> >> >> Is it expect

Re: ip6tables: unexpected behaviour ?

Le 24/07/2014 21:43, Jerome BENOIT a écrit : > Hello List, > > I am building an IPv6 firewall: I get the message > > ip6tables v1.4.14: host/network `172.20.0.1' not found > > > Is it expected ? > > Thanks in advance, > Jerome > > It seems quite natura

ip6tables: unexpected behaviour ?

Hello List, I am building an IPv6 firewall: I get the message ip6tables v1.4.14: host/network `172.20.0.1' not found Is it expected ? Thanks in advance, Jerome -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble?

Re: (Debian 2.6.32-45) problems using ipv6/ip6tables #2

g.spellauge a écrit : > thanks, bu what i do not understand is the fact, that v6-traffic (even > the responses to http-requests) is completely blocked after successfully > receiving a few echo-replys? Because after some time the neighbour cache entry expires and needs to be refreshed, but your ru

Re: Re: (Debian 2.6.32-45) problems using ipv6/ip6tables #2

thanks, bu what i do not understand is the fact, that v6-traffic (even the responses to http-requests) is completely blocked after successfully receiving a few echo-replys? if i modify ${IPT} -A INPUT -i ${INE_IFACE} -m state --state ESTABLISHED,RELATED -j ACCEPT ${IPT} -A INPUT -i

Re: (Debian 2.6.32-45) problems using ipv6/ip6tables #2

Hello, Stephan Seitz a écrit : > > IPv6 doesn't have ARP anymore, it uses ICMPv6 to > discover ARP addresses and neighbours with the help of multicast IPv6 > addresses. So your configuration probably drops these packets. It would > try to allow all icmpv6 traffic: > ${IPT} -A INPUT -j A

Re: (Debian 2.6.32-45) problems using ipv6/ip6tables #2

On Wed, May 16, 2012 at 01:54:42PM +0200, gus...@spllg.de wrote: i'm new to ipv6, just trying to go the first steps and got trapped. Yes, so it seems. IPv6 doesn’t have ARP anymore, it uses ICMPv6 to discover ARP addresses and neighbours with the help of multicast IPv6 addresses. So your conf

(Debian 2.6.32-45) problems using ipv6/ip6tables #2

route $cmd ::/0 via 2001:1438:2000::1 after executing ipv6 start i can ping6 our internet router (2001:1438:2000::1) and ipv6-addresses in the outside world such as ipv6.google.com and www.nasa.gov now i created a minimal firewall configuration - #ipv6firewall INE_IFACE="eth1" LAN_

(Debian 2.6.32-45) problems using ipv6/ip6tables

route $cmd ::/0 via 2001:1438:2000::1 after executing ipv6 start i can ping6 our internet router (2001:1438:2000::1) and ipv6-addresses in the outside world such as ipv6.google.com and www.nasa.gov now i created a minimal firewall configuration - #ipv6firewall INE_IFACE="eth1" LAN_

Re: Iptables & ip6tables

On Tuesday 03 November 2009 13:34:42 David Baron wrote: > Should ip6tables replace iptables? No. > Should both be running? Yes. > Is there a proper firewall with just iptables? If it does not have a IPv6 address, and rejects all IPv6-in-IPv4 tunneling traffic, yes. -- Boyd Stephen

Iptables & ip6tables

The firewalls, i.e. guarddog, etc., set up rule sets for iptables. Iptables documentation says its for ip4. There is also an ip6tables. This does not have all the chains and rules set. Seems things are using ip6 now. Netstat cites ip6-localcost;. Should ip6tables replace iptables? Should

ip6tables

. I set up a really primitive ip6tables firewall to allow tomcat to do its stuff (where eth2 is the internet NIC): Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 DROP 0eth2 * ::/0