Hurricane Electric's IPv6 Tunnel Broker Forums
May 26, 2013, 12:25:02 am *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: Welcome to Hurricane Electric's Tunnelbroker.net forums!
 
   Home   Help Search Login Register  
Hurricane Electric's IPv6 Tunnel Broker Forums > IPv6 Certification Program Topics > Suggest a Test! > IPv6 firewall - ip6tables
Pages: [1]
« previous next »
  Print  
Author Topic: IPv6 firewall - ip6tables  (Read 1850 times)
adiblol
Newbie
*
Posts: 6


View Profile
« on: January 11, 2012, 07:03:16 am »
Some of certification tests could cover IPv6 firewall. For example:

make HTTP server (preferably on non-default port -- if not can be harmful for production servers) reachable only from 2001:db8:1337:cafe::/64 (of course this is example netmask).

More complicated filters could be:
remote TCP port,
or even ip6tables-specific like
break connection after sending 16384 bytes (could be cheated with httpd, however)
quota

etc etc
...
Logged
nickbeee
tunneld
Jr. Member
**
Posts: 70


I do this just for fun.


View Profile
« Reply #1 on: January 11, 2012, 08:28:41 am »
Quote from: adiblol on January 11, 2012, 07:03:16 am
Some of certification tests could cover IPv6 firewall. For example:

make HTTP server (preferably on non-default port -- if not can be harmful for production servers) reachable only from 2001:db8:1337:cafe::/64 (of course this is example netmask).

Anything would need to be OS-neutral in my opinion. I did this for my test setup for the http and smtp servers by setting up an ipv6 access list on my router.
Logged
Nick B.

Tunnelling with [Open|Net|Free]BSD and IOS.
IPv6 courtesy of   HE and   Sixxs.
Pages: [1]
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines Valid XHTML 1.0! Valid CSS!