[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Default ip6tables rules



Hi!

My University got few weeks ago IPv6 addresses from RIPE so I have now chance to test IPv6 protocol :-) I started searching for IPv6 enabled hosts in the Internet. ping6 worked, so had traceroute6. I could not connect to ftp/www sites, though. I started wireshark and noticed, that apps do not finish three-way handshake (no ACK packet). Disabling ip6tables service resolved the problem...

Is something wrong with my box (network rawhide installation from 13 October) or these are normal firewall settings?

[root viper ~]# service ip6tables status
Tablica: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    RH-Firewall-1-INPUT  all      ::/0                 ::/0

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    RH-Firewall-1-INPUT  all      ::/0                 ::/0

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
num  target     prot opt source               destination
1    ACCEPT     all      ::/0                 ::/0
2    ACCEPT     icmpv6    ::/0                 ::/0
3    ACCEPT     esp      ::/0                 ::/0
4    ACCEPT     ah       ::/0                 ::/0
5 ACCEPT udp ::/0 ff02::fb/128 udp dpt:5353
6    ACCEPT     udp      ::/0                 ::/0               udp dpt:631
7    ACCEPT     tcp      ::/0                 ::/0               tcp dpt:631
8 ACCEPT all ::/0 ::/0 state RELATED,ESTABLISHED 9 ACCEPT tcp ::/0 ::/0 state NEW tcp dpt:22
10   DROP       all      ::/0                 ::/0

[root viper ~]#

BTW I noticed that Firefox does not try to use IPv6 addresses before IPv4 ones O_o

Regards,
	Dawid

--

  ^_*


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]