[Firewall] Some questions regarding IPv6/IPv4 dual stack

Gustin Johnson gustin at meganerd.ca
Sun Oct 27 23:23:54 CET 2013


I now have an IPv6 tunnel and I am able to connect out from LAN computers
via IPv6.  The problem is the return path.  I would to allow ssh and https
to a couple of hosts as well as ICMP (protocol 58 for IPv6) for the entire
subnet.

What I have done so far is to put entries in  INET_FORWARD_TCP and
INET_FORWARD_IP.  I have put some examples below (with example IPs, not my
actual ones) because I can't seem to figure out why it is not working.  Any
help with the syntax would be appreciated.

INET_FORWARD_TCP="::/0>2001:1234:b:11c:aaaa:bbbb:cccc:dddd~22,443>
INET_FORWARD_IP="::/0>2001:1234:b:11c::/64~58"

I also have my tunnel interface listed in the EXT_IF (this was needed to
get outbound access, which makes sense).  I also have radvd configured and
seemingly working correctly.

Thanks,
__
Gustin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rocky.eld.leidenuniv.nl/pipermail/firewall/attachments/20131027/03f77ae3/attachment.html>


More information about the Firewall mailing list