[Firewall] IPv6 not blocking INET->DMZ or INET->LAN

Lonnie Abelbeck lists at lonnie.abelbeck.com
Tue Mar 11 04:21:41 CET 2014


Hi Jason,

By default all IPv6 should not be forwarded.

How are you allowing OpenVPN traffic via say "tun0" ?

I assume you have set IPV6_SUPPORT=1

Are you running AIF v2.0.1 of some release ?

Lonnie


On Mar 10, 2014, at 10:02 PM, Jason Stahls wrote:

> I've got a server with native v6 and a /48, it's running a OpenVPN server for various sites.  I've given each site a /64 and have IPv6 over the OpenVPN tunnels working great, but over v6 my hosts are completely open.  I've tried putting them in the LAN without NAT, and in the DMZ, both cases the remote subnets are completely open to the Internet.  Is there a default accept policy I'm missing? :)
> 
> Thanks,
> 
> Jason Stahls
> _______________________________________________
> Firewall mailing list
> Firewall at rocky.eld.leidenuniv.nl
> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
> Arno's (Linux IPTABLES Firewall) Homepage:
> http://rocky.eld.leidenuniv.nl
> 
> 



More information about the Firewall mailing list