Kernel issues
Trever L. Adams
tadams-lists at myrealbox.com
Wed Feb 1 17:41:45 UTC 2006
http://www.netfilter.org/projects/iptables/files/changes-iptables-1.3.5.txt states that in 1.3.4 the state and conntrack modules for ipv6 were enabled.
http://archives.free.net.ph/message/20060118.061509.2b74ef18.en.html
seems to suggest that the kernel now has it enabled.
Is there any reason why Fedora Rawhide still does not have iptables
conntracking and state matching for ipv6?
Trever Adams
On Tue, 2005-08-23 at 22:17 -0600, Trever L. Adams wrote:
> During the FC4 development cycle I mistakenly asked for 2.6.12 to be
> included because it "had" the ip_conntrack for ipv6. This was based on
> something I read. It turns out the person was misquoting. The USAGI
> project was promising this for a patch for 2.6.12. It was never included
> at least to my knowledge.
>
> My wish list for FC5 includes the following:
> TARPIT target for IPTABLES (I think it is already included).
>
> connlimit (and friends) matching for the kernel, this exists in
> documentation but has not yet made the mainstream kernel. Help should be
> given to get it there and it should be included.
>
> ip6_conntrack (or whatever it's name is) should be given similar help
> and should be included.
>
> Other than that, most of my wishes are ready being addressed. I do think
> these are very important for both desktop and server/firewall machines.
>
> Thank you,
> Trever Adams
> --
> "I conceive that a great part of the miseries of mankind are brought
> upon them by the false estimates they have made of the value of things."
> -- Benjamin Franklin
>
--
"When they took the fourth amendment, I was quiet because I didn't deal
drugs. When they took the sixth amendment, I was quiet because I was
innocent. When they took the second amendment, I was quiet because I
didn't own a gun. Now they've taken the first amendment, and I can say
nothing about it." -- Tim Freeman
More information about the fedora-devel-list
mailing list