IPv6 gateway, was: Re: IPv6 foot-dragging

• Previous message (by thread): IPv6 day in NYC?
• Next message (by thread): IPv6 gateway, was: Re: IPv6 foot-dragging
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Thanks all for the helpful suggestions.

It looks like I solved the problem by adjusting my forward chain. I have 
a the local network on eth0 and the external network on eth1 and my 
forward chain looked like:

-I FORWARD -i eth0 -o eth1 -s 2001:db8::/64 -j ACCEPT
-I FORWARD -i eth1 -o eth0 -d 2001:db8::/64 -j ACCEPT

Changing it to the following made it work:

-I FORWARD -s 2001:470:85cd::/64 -j ACCEPT
-I FORWARD -d 2001:470:85cd::/64 -j ACCEPT


I am not sure if it'd be less secure to not make it specific to the 
interfaces. How would I change the first set of rules, using the -i 
parameter and still make it work? I also have a 6in4 interface for the 
IPv6 tunnel.

-- 
http://goldmark.org/jeff/stupid-disclaimers/
http://linuxmafia.com/~rick/faq/plural-of-virus.html

• Previous message (by thread): IPv6 day in NYC?
• Next message (by thread): IPv6 gateway, was: Re: IPv6 foot-dragging
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]