Le jeu 11/12/2003 à 05:06, Jeffrey Forman a écrit :
> i was wondering if there is a way to do connection tracking with
> ip6tables as ipv4 iptables does?
Not yet.
But developpers are working on it. A patch was submitted on
netfilter-devel mailing list for 2.6 kernel by Yasuyuki Kozakai (24
sept. 2003) from USAGI project.
I attached a later post from him.
--
http://www.netexit.com/~sid/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
>> Hi! I'm your friendly neighbourhood signature virus.
>> Copy me to your signature file and help me spread!
--- Begin Message ---
Hi,
From: Matti Aarnio <matti.aarnio@xxxxxxxxxxx>
Date: Thu, 13 Nov 2003 03:01:59 +0200
> Dear Netfilter-devel,
>
> Could somebody tell to me, what is present status in IPv6
> connection-tracking filters of netfilter codes ? Having
> browsed your CVS, there are some versions of such, and
> tantalizing glimpses of somebody doing development in
> some bitkeeper somewhere...
If you want to use ip6_conntrack ASAP, you can find the patch in archives
of this list(24 Sep. 2003).
Or in USAGI kernel, too. http://www.linux-ipv6.org/
BTW, this patch works only with Linux 2.6. If you want to use it with
Linux 2.4, some changes are needed. ex) replace synchronize_net() to
br_write_{un}lock_bh(), fix the codes related to nf_reinject() in
ip6_conntrack_reasm.c.
----------------------------------------
Yasuyuki KOZAKAI
Communication Platform Laboratory,
Corporate Research & Development Center,
Toshiba Corporation
yasuyuki.kozakai@xxxxxxxxxxxxx
----------------------------------------
--- End Message ---
