Can you show us the output from:-
If there is nothing in those that is setting it, then it may be getting forced by the VPN software, which you don't tell us much about.
Would you not need an IPv6 definition to be able to use IPv6 tunnelling? Are you trying to prevent IPv6 access entirely or just heavily restrict it? I'm confused in your requirement.
Thanks, in advance,
Robin
Thanks for the response. The OS became so unstable that it would not boot. Finally, I ended up reloading the OS today. I'm on a different distro now.
When I installed the VPN, I had disabled ipv6 and verified by ipleak.net that the system was stealth. Days later, ipv6 made it off the machine. I caught it when a routine check of ipleak.net reported that I was being unmaked by ipv6. As my VPN was not tunneling ipv6, I was just attempting to turn it off.
I still very much a newbie and making lots of mistakes. I'll finish the config of this machine tomorrow or the next day and see if the problem returns.
I am using digital Unix and lpd. I have HP 4200n LaserJet TCP printer, but when I use lpr command, it always print duplex.
I can turn off duplex feature at the panel of the printer, but then other Windows computer cannot print duplex. How can I set up /etc/printcap file so that it will be... (2 Replies)
Hello guyz..
did some of u have implement or making a testbed for IPv6?
if yes, can u attached the procedures and standard guidelines because i really need for my proposal..
thanx.. (2 Replies)
Hi! I have to configure ipv6 network between two computers with Solaris 10 but I not an expert in using any unix system and I do it becouse I need it to my study. Is someone here who could help me and describe step-by-step how to do it? please!!!
PS. I need to configure network to do secure... (1 Reply)
my problem: i want to change from ipv4 to ipv6 on my home network.
On hpux i can assign only address non routable as fe80::1 fe80::3 etc to my lan0
Editing netconf-ipv6 i can assing a routable ipv6 address like
fd55:282f:3b98::/48
or
2001:470:26:307:89a0:aba1:f98b:eb3e
but only to alias... (0 Replies)
Hi,
I have created a bonding bond1 interface with 6 Eth , mode=4. Recently i have changed my old ipv6 to new one and tried to restart as well as reload network service. Post which i can see old as well as changed ipv6 in ifconfig command output. Below are few files and command output for your... (1 Reply)
I am trying to setup an IPv6 network.
I modified the interfaces file:
/etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback
iface etho0 inet static
address 2620:7:a000::1
netmask 64
gateway ::ffff:c0a8:101
... (0 Replies)
Hello Dears ,
please I need your support I have Oracle Solaris 10 X86 server please if you can advise how can I add IP v6 on my server and if IPv6 was disabled how can i enable it also how can i add two IP (v4 and v6) on the same interface or I have to add another interface .
Thanks in... (1 Reply)
Discussion started by: ttashman
1 Replies
LEARN ABOUT DEBIAN
shorewall6-nesting
SHOREWALL6-NESTING(5) [FIXME: manual] SHOREWALL6-NESTING(5)NAME
nesting - shorewall6 Nested Zones
SYNOPSIS
child-zone[:parent-zone[,parent-zone]...]
DESCRIPTION
In shorewall6-zones[1](5), a zone may be declared to be a sub-zone of one or more other zones using the above syntax. The child-zone may be
neither the firewall zone nor a vserver zone. The firewall zone may not appear as a parent zone, although all vserver zones are handled as
sub-zones of the firewall zone.
Where zones are nested, the CONTINUE policy in shorewall6-policy[2](5) allows hosts that are within multiple zones to be managed under the
rules of all of these zones.
EXAMPLE
/etc/shorewall6/zones:
#ZONE TYPE OPTION
fw firewall
net ipv6
sam:net ipv6
loc ipv6
/etc/shorewall6/interfaces:
#ZONE INTERFACE BROADCAST OPTIONS
- eth0 detect blacklist
loc eth1 detect
/etc/shorewall6/hosts:
#ZONE HOST(S) OPTIONS
net eth0:[::]
sam eth0:[2001:19f0:feee::dead:beef:cafe]
/etc/shorewall6/policy:
#SOURCE DEST POLICY LOG LEVEL
loc net ACCEPT
sam all CONTINUE
net all DROP info
all all REJECT info
The second entry above says that when Sam is the client, connection requests should first be processed under rules where the source zone is
sam and if there is no match then the connection request should be treated under rules where the source zone is net. It is important that
this policy be listed BEFORE the next policy (net to all). You can have this policy generated for you automatically by using the
IMPLICIT_CONTINUE option in shorewall6.conf[3](5).
Partial /etc/shorewall6/rules:
#ACTION SOURCE DEST PROTO DEST PORT(S)
...
ACCEPT sam loc:2001:19f0:feee::3 tcp ssh
ACCEPT net loc:2001:19f0:feee::5 tcp www
...
Given these two rules, Sam can connect with ssh to 2001:19f0:feee::3. Like all hosts in the net zone, Sam can connect to TCP port 80 on
2001:19f0:feee::5. The order of the rules is not significant.
FILES
/etc/shorewall6/zones
/etc/shorewall6/interfaces
/etc/shorewall6/hosts
/etc/shorewall6/policy
/etc/shorewall6/rules
SEE ALSO shorewall6(8), shorewall6-accounting(5), shorewall6-actions(5), shorewall6-blacklist(5), shorewall6-hosts(5), shorewall6-interfaces(5),
shorewall6-maclist(5), shoewall6-netmap(5),shorewall6-params(5), shorewall6-policy(5), shorewall6-providers(5), shorewall6-rtrules(5),
shorewall6-routestopped(5), shorewall6-rules(5), shorewall6.conf(5), shorewall6-secmarks(5), shorewall6-tcclasses(5),
shorewall6-tcdevices(5), shorewall6-tcrules(5), shorewall6-tos(5), shorewall6-tunnels(5), shorewall6-zones(5)NOTES
1. shorewall6-zones
http://www.shorewall.net/manpages6/shorewall-zones.html
2. shorewall6-policy
http://www.shorewall.net/manpages6/shorewall6-policy.html
3. shorewall6.conf
http://www.shorewall.net/manpages6/shorewall6.conf.html
[FIXME: source] 06/28/2012 SHOREWALL6-NESTING(5)