On 31 Jul 2010, at 18:47, Pascal Hambourg
<pascal.mail@xxxxxxxxxxxxxxx> wrote:
Hello,
Mark Ryden a écrit :
According to this link:
http://www.faqs.org/docs/Linux-HOWTO/Linux+IPv6-HOWTO.html#FIREWALLING-NETFILTER6
"In IPv6 you can't control forwarding per device, forwarding control
has to be done using IPv6-netfilter (controlled with ip6tables)
rulesets and specify input and output devices (see
Firewalling/Netfilter6 for more). This is different to IPv4, where
you are able to control forwarding per device (decision is made on
interface where packet came in). "
My question is:
Suppose you don't want to control forwarding in IPv6 on a certain
device, just forward packets which are received on any device.
I am not sure that this howto is relevant.
Is it true that in order to achieve IPV6 forwarding you must use
netfilter rule ?
No.
Is it possible to achieve forwarding simply by running:
echo "1" /proc/sys/net/ipv6/conf/all/forwarding
without setting any ip6tables netfilter rule ?
Yes.
If you don't need filtering, you don't need ip6tables.
--
To unsubscribe from this list: send the line "unsubscribe netfilter"
in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Am I correct in saying that iptables/ip6tables doesn't actually alter/
affect "path" of traffic, but only either allows or blocks?--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html