networking

IPv6 conntrack issues on 2.6.18 kernels, and how not to properly debug

Recently Linode announced their IPv6 rollout. My Linode, which (at the time of writing) runs this website, is in Dallas, and once Dallas was IPv6-ready I requested an IPv6 address to be assigned to it.

No connection for you

Basic firewall


#!/bin/bash

# IP interfaces: IPv4 address of eth0 (parsed from the "inet addr:" line of ifconfig)
eth0=$(ifconfig eth0 | grep "inet addr" | awk '{print $2}' | cut -d: -f2)

# Change to 1 to enable logging of dropped packets
LOG=0

flush() {
    iptables --flush
    iptables --delete-chain
}

start() {
    # Flush just in case 'start' has been called twice without stop or restart
    flush

    # Default policies
    iptables --policy INPUT DROP
    iptables --policy OUTPUT DROP
    iptables --policy FORWARD DROP

    # Accept all on loopback
    iptables -A INPUT -i lo -j ACCEPT
    iptables -A OUTPUT -o lo -j ACCEPT
}
