Re: IP6tables and sendmail

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Gregory P. Ennis wrote:
In trying to tinker with iptables, hosts.allow, and the hosts.deny files on both systems I have not been able to make any headway. When I used ifconfig on the FC3 unit I noticed th6 and IP4 protocols.

eth0      Link encap:Ethernet  HWaddr 00:11:5B:55:75:2C
          inet addr:10.0.0.131  Bcast:10.0.0.255  Mask:255.255.255.0
          inet6 addr: fe80::211:5bff:fe55:752c/64 Scope:Link

Yeah, that's Link local IPv6 address that is automatically assigned to the interface according to rfc-somenumber. In most cases, if you leave things as-is, it is next to unusable.


Anyhow, if you don't use IPv6, don't know how to configure IPv6 so that you can actually use it, don't want to be bothered with IPv6, don't want to have to configure IPv6 firewall, and so on, and so forth, simply add this line to /etc/modprobe.conf and reboot:

alias net-pf-10 off

And IPv6 is all gone from your box. The above was default in 2.4 kernels (if you wanted IPv6 module automatically loaded as soon as you start IPv6 enabled application, you had to do "alias net-pf-10 ipv6"). Apperently, kernel developers decided for us that starting with 2.6 kernels, it is time that everybody should have IPv6 loaded by default.

Actually, even in FC3, initscripts are not yet updated for this change in kernel behaviour.

While we are on the subject, I courious how many of you folks out there acutally installed and configured iptables-ipv6 (or disabled IPv6) on your firewall boxes, and how many of you are wide open?

--
Aleksandar Milivojevic <amilivojevic@xxxxxx>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux