On Thu, May 29, 2008 at 10:53 PM, Matt Shields &lt;<a href="mailto:mattboston@gmail.com">mattboston@gmail.com</a>&gt; wrote:<br><div class="gmail_quote"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">On Thu, May 29, 2008 at 11:43 PM, Christopher Chan<br>
&lt;<a href="mailto:christopher@ias.com.hk">christopher@ias.com.hk</a>&gt; wrote:<br>
&gt; Robert Moskowitz wrote:<br>
&gt;&gt;<br>
&gt;&gt; We have kernel support for IPv6 in Centos, but not stateful firewall<br>
&gt;&gt; support.<br>
&gt;&gt;<br>
&gt;&gt; That requires at least the 2.6.20 kernel, which means Fedora Core 6 or<br>
&gt;&gt; some other Linux distro.<br>
&gt;&gt;<br>
&gt;&gt; None of the various free Linux firewalls have IPv6 support. &nbsp;Supposedly<br>
&gt;&gt; FWBuilder can manage Netfilters for a Linux Kernel, but that seems to be the<br>
&gt;&gt; extent of it.<br>
&gt;&gt;<br>
&gt;&gt; More sad facts as I uncover them.....<br>
&gt;<br>
&gt; Just use openbsd. We cannot expect Linux to rule everything. Use what best<br>
&gt; fits the job.<br>
<br>
</div>Not sure about FC6, but in both CentOS 4 &amp; 5 there is an ip6tables. &nbsp;I<br>
haven&#39;t used it, but I&#39;m assuming that you can build rules just like<br>
you do with iptables.<br>
<br>
--<br>
<font color="#888888">-matt<br>
</font><div><div></div><div class="Wj3C7c">_______________________________________________<br>
CentOS mailing list<br>
<a href="mailto:CentOS@centos.org">CentOS@centos.org</a><br>
<a href="http://lists.centos.org/mailman/listinfo/centos" target="_blank">http://lists.centos.org/mailman/listinfo/centos</a><br>
</div></div></blockquote></div><br>My dd-wrt web page has a IPv6 checkbox, but don&#39;t know what it does.&nbsp; i am shunning IPv6 bc securing the private side of a NAT is hard enough.&nbsp; Securing IPv6 seems much much much tougher.<br>