NetFilter
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

ip6tables problem

from [Asfand Yar Qazi] [Permanent Link][Original]
To: netfilter@lists.netfilter.org
Subject: ip6tables problem
From: "Asfand Yar Qazi" <ayqazi@gmail.com>
Date: Wed, 20 Dec 2006 00:34:21 +0000
Delivered-to: sp-com-lists@consult.net
Delivered-to: netfilter-list1@securepoint.com
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=eTOONftNPChak0aEoxdqZ352PxjNcM6rHJPuPTHv0EOrKXP1Bv4zpvYRicl/NrTJuu9odVBFj53y4aTMJoivdtukF/c6XKLOJSTpkYts9ahSaI/T1MFWhXtTYyfxowgFo1QH1auqJhYTqMnDh8pE7YPuhazovn0jdnF846enws8=
List-archive: </pipermail/netfilter>
List-help: <mailto:netfilter-request@lists.netfilter.org?subject=help>
List-id: General discussion and user questions <netfilter.lists.netfilter.org>
List-post: <mailto:netfilter@lists.netfilter.org>
List-subscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=subscribe>
List-unsubscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>
Sender: netfilter-bounces@lists.netfilter.org 
Hi,

I'm using kernel 2.6.19 on Gentoo

I have an ipv6 tunnel on the device 'tunbt6', and another interface on
eth0 to the rest of my network.

I've boiled down my problem to a simple firewall setup.

When I enter the following commands:

ip6tables -N filter6
ip6tables -A filter6 -m state --state NEW -i ! tunbt6 -j ACCEPT
ip6tables -A filter6 -m state --state ESTABLISHED,RELATED -j ACCEPT
ip6tables -A filter6 -j REJECT

ip6tables -A INPUT -j filter6
ip6tables -A FORWARD -j filter6


It doesn't work!  I can't even ping6 the machine over eth0 from my
other computer connected to the same ethernet segment!

Can anybody tell me what's happening?  Thanks
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: SNAT and iChat, Dennis Taylor
Next by Date:  Re: Interesting article about punching holes in firewalls..., Cedric Blancher
Previous by Thread:  Why is my nat pre chain being bypassed by streaming udp?, Jeremy Freeman
Next by Thread:  Re: ip6tables problem, Petr Pisar
Indexes:  [Date] [Thread] [Top] [All Lists]