On Thursday 04 of April 2013 10:02EN, Nick Edwards wrote:
> with ipv4 we have been able to
> -P INPUT DROP
> loopback accepts etc...
>
> -A INPUT -s 192.168.1.0/24 -j ACCEPT
>
> hitting this, means allow all from 192.168.1.1/2/3/4.... etc - tcp.
> udp. icmp whatever..
>
> But with ip6tables this same approach does not seem to work, it
> permits tcp/udp, but it does not allow icmp, bug?
Hard to say unless you tell us what do your rules look like and what
packets are dropped (and you think they shouldn't be).
Michal Kubecek
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
