Hello!
Recently,I¡¯m doing a security project based upon ipv6.I have built up a bridge to support a transparent firewall.(my system is Fedora Core 2,kernel 2.6.5).In this system ,the version of the iptables is 1.2.7,which does not support ipv6(I have tried it).Thus,I download a new version and test it.
The iptables functions in bridge mode,but the ipv6 doesn't work well.In the bridge mode,ip6tables can¡¯t prevent the packet when I use ¡°ip6tables ¨CA FORWARD ¨Cj DROP¡±. I use the command"ls/proc/sys/net/bridge",it shows bridge-nf-call-iptables,bridge-nf-call-arptables,bridge-nf-filter-vlan-tagged.The problem is I can't find bridge-nf-call-ip6tables.
I have searched a lot of information,all said that the kernel2.6 have the bridge-nf code.Could you please tell me how to let the bridged packets be 'seen' by ip6tables?
Thank you very much!
sherry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.osdl.org/pipermail/bridge/attachments/20061222/ec659b84/attachment.htm
