[Fwbuilder-discussion] Firewall Builder 2.0.7 beta, build 575
Brought to you by:
mikehorn
From: Vadim K. <va...@vk...> - 2005-04-06 17:18:49
|
Build 575 fixed bug #1176890: "block IPv6". Generated iptables script sets default policies to DROP in all ipv6 filter chains. More detailed control can be implemented using prolog or epilog scripts. Please note that this changes behavior of the generated iptables script with respect to IPv6. Until now, the script just ignored IPv6 but some people felt this leaves a hole in the firewall and asked me to make the script close it. Generated shell code will check if ip6tables is installed on the system and if it actually works before setting default policies to DROP. This means it won't try to do it if ip6tables is not installed or if it is present, but IPv6 is not compiled into the kernel (so ip6tables does not work and generates errors). --vk |