LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 01-17-2011, 03:23 AM   #1
jimbo1954
Member
 
Registered: Oct 2006
Location: High Wycombe, Bucks, UK.
Distribution: Debian and Fedora Core in equal measure
Posts: 258

Rep: Reputation: 33
Shorewall6 not forwarding


I have a server that I have set up with 2 interfaces, one which has an IPv4 and IPv6 address (dual stack) connecting to the Internet, the other configured dual-stack to a private LAN. The server is running Shorewall and Shorewall6, configured with minimal restrictions. The server can communicate with the Internet using either IPv6 or IPv4 (check IPv6 by going to ipv6.google.com)


The server runs radvd, and a Windows7 client on the private network gets both an IPv4 and an IPv6 address. The client can access IPv4 websites on the Internet via the server (Shorewall is forwarding packets OK). The client cannot access IPv6 sites on the Internet, despite those same sites being available on the server. The client can ping the server on its IPv6 private interface but not its IPv6 public interface. Traceroute from the client to the external IPv6 address shows the route as far as the private IPv6 address, but fails to get to the public IPv6 address.

Routing looks OK, the client has a default IPv6 route to the Server, and the server has a default static route out through my IPv6 provider.

I conclude from the information above that the server is operating two dual-stack interfaces correctly, and stateless autoconfiguration is working correctly, and while shorewall is forwarding IPv4 across the kernel, shorewall6 is not forwarding anything. The Server is running Debian 5.06, with both Shorewall and Shorewall6 running vers 4.4.11.6

Has anyone experience of getting Shorewall6 to work under these circumstances....What am I doing wrong?
 
Old 01-18-2011, 07:10 AM   #2
zer0signal
Member
 
Registered: Oct 2010
Location: Cleveland
Distribution: Slackware, Fedora, RHEL (4,5), LFS 6.7, CentOS
Posts: 258

Rep: Reputation: 29
I'm shooting into the dark on this one, because I have yet to play with ipv6. But is the forwarding turned on for IPV6?

cat /proc/sys/net/ipv6/ip_forward "1" ?

/etc/sysctl/net/ipv6/ip_forward "1"

at least thats the location for RedHat based OS?
 
Old 01-19-2011, 07:39 AM   #3
jimbo1954
Member
 
Registered: Oct 2006
Location: High Wycombe, Bucks, UK.
Distribution: Debian and Fedora Core in equal measure
Posts: 258

Original Poster
Rep: Reputation: 33
Not a shot in the dark, I checked this, and yes, they are both set to 1
 
Old 02-01-2011, 10:56 AM   #4
jimbo1954
Member
 
Registered: Oct 2006
Location: High Wycombe, Bucks, UK.
Distribution: Debian and Fedora Core in equal measure
Posts: 258

Original Poster
Rep: Reputation: 33
Fixed!

Many issues, partly based upon using a DHCP address for one of the Interfaces. Changes all addresses to static, and it all worked fine. This was not a Shorewall6 problem, but a problem I caused by odd configurations. When all configs were redone on a fresh build, it worked just like it says on the packet!
 
  


Reply

Tags
ipv6, shorewall, shorewall6


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Shorewall: port forwarding problem, port is closed even after forwarding Synt4x_3rr0r Linux - Networking 2 12-13-2009 04:36 PM
Mail Forwarding in postfix/maildrop/redhat (like yahoo mail forwarding) topcat Linux - Software 1 08-31-2007 12:10 PM
IPCHAINS port forwarding and IPTABLES port forwarding ediestajr Linux - Networking 26 01-14-2007 07:35 PM
Simple Port Forwarding Firewall - not forwarding MadTurki Linux - Security 14 04-09-2006 12:08 PM
port forwarding and packet forwarding syrtsardo Linux - Newbie 2 07-03-2003 10:37 AM


All times are GMT -5. The time now is 09:19 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration