IPv6 Certification Program Topics > Suggest a Test!

IPv6 firewall - ip6tables

(1/1)

adiblol:
Some of certification tests could cover IPv6 firewall. For example:

make HTTP server (preferably on non-default port -- if not can be harmful for production servers) reachable only from 2001:db8:1337:cafe::/64 (of course this is example netmask).

More complicated filters could be:
remote TCP port,
or even ip6tables-specific like
break connection after sending 16384 bytes (could be cheated with httpd, however)
quota

etc etc
...

nickbeee:

--- Quote from: adiblol on January 11, 2012, 07:03:16 AM ---Some of certification tests could cover IPv6 firewall. For example:

make HTTP server (preferably on non-default port -- if not can be harmful for production servers) reachable only from 2001:db8:1337:cafe::/64 (of course this is example netmask).

--- End quote ---

Anything would need to be OS-neutral in my opinion. I did this for my test setup for the http and smtp servers by setting up an ipv6 access list on my router.

Navigation

[0] Message Index

Go to full version