Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Debian User (http://www.linux-archive.org/debian-user/)
-   -   ip6tables (http://www.linux-archive.org/debian-user/104636-ip6tables.html)

Adam Hardy 06-11-2008 11:19 AM
ip6tables
 
Hello,

I have a gateway server running two NIC cards, one for the internet and one for
the LAN. I set up normal iptables which I'm happy with, but I installed
apache-tomcat on the machine (for use on the LAN, not to serve the internet) and
I found it has some sort of requirement for IPv6.


I set up a really primitive ip6tables firewall to allow tomcat to do its stuff
(where eth2 is the internet NIC):


Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP 0 eth2 * ::/0 ::/0 state NEW

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP 0 eth2 * ::/0 ::/0 state NEW

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination


Is this going to be OK or does it allow any crackers to try out something nasty?

Thanks
Adam


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org


All times are GMT. The time now is 03:34 PM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.