LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-21-2012, 05:29 AM   #1
KatrinAlec
Member
 
Registered: Feb 2012
Posts: 65

Rep: Reputation: 8
ip6tables


We're using routers with IPv4 and we've set up a firewall with iptables.
Now I've seen there is an extra firewall called ip6tables.

There everything is set to ACCEPT and as far as I can tell IPv6 is turned on:
if I write
lsmod | grep ipv6
it is found.

My question:
Is it just luck so far, that ip6tables doesn't show any data
(if I use the parameters -L -v) and I should turn on the firewall?
 
Old 02-21-2012, 06:25 AM   #2
david1941
Member
 
Registered: May 2005
Location: St. Louis, MO
Distribution: CentOS6
Posts: 267

Rep: Reputation: 58
IPv6 necessary?

IP6 is only a minor part of traffic experienced at this time, less than 13% in the last month at my small site, and mostly ignored by most. But it is destined to become the major part soon as unique IPv4 addresses have become hard to get around the world. I have been dual hosted and generally pleased. But is it really necessary now? Probably not, and if you'd rather wait, just set ip6tables up to log and reject all input and forward traffic and see what you actually have now.
 
1 members found this post helpful.
Old 02-21-2012, 07:22 AM   #3
KatrinAlec
Member
 
Registered: Feb 2012
Posts: 65

Original Poster
Rep: Reputation: 8
I guess I could turn off IPv6, or configure ip6tables.
The problem is, that we're using webmin and that doesn't seem to support ip6tables.
 
Old 02-21-2012, 08:06 AM   #4
david1941
Member
 
Registered: May 2005
Location: St. Louis, MO
Distribution: CentOS6
Posts: 267

Rep: Reputation: 58
Well, as you have some windows behind you, just turn off forwarding (it should be off by default) by adding this to your rc.local:
Code:
 /bin/echo 0 > /proc/sys/net/ipv6/conf/all/forwarding
that will isolate the downstream machines.
 
Old 02-21-2012, 08:32 AM   #5
KatrinAlec
Member
 
Registered: Feb 2012
Posts: 65

Original Poster
Rep: Reputation: 8
Ah, ipv6 has it's own forwarding parameter.
For some reason I though if it's on for ipv4 it's on for ipv6.
I've checked the setting and forwarding for ipv6 is off.
Thanks a lot, now I don't have to change all of our routers.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ip6tables question Thaidog Linux - Security 5 09-28-2009 04:52 PM
ip6tables and connlimit? Tux-Slack Slackware 0 12-05-2007 03:41 PM
iptables and ip6tables MicahCarrick Linux - Software 2 12-31-2006 11:35 AM
iptables vs. ip6tables q14526 Linux - Security 3 09-29-2006 05:15 PM
iptables and/or ip6tables? DropHit Linux - Software 0 02-18-2004 03:40 PM


All times are GMT -5. The time now is 09:54 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration