Date: Fri, 30 Aug 2002 16:39:14 +0200 From: "Bert Hartmann" <hartmann@headlight.de> To: freebsd-questions@freebsd.org Subject: IPv6, IPV6FIREWALL, Type=OPEN >> permission denied? Message-ID: <3D6F9FB2.13836.1603709@localhost>
next in thread | raw e-mail | index | archive | help
Hi, I've added IPv6FIREWALL into kernel config, new kernel was built and entered /etc/rc.conf:ipv6_firewall_type="OPEN" but after reboot v6-communication is damaged. FreeBSD 4.6-RELEASE with IPv6 enabled, IPV6FIREWALL in kernel. /etc/rc.conf: ipv6_firewall_enable="YES" and ipv6_firewall_type="OPEN". #ip6fw list 00100 allow ipv6 from any to any via lo0 00200 allow ipv6-icmp from :: to ff02::/16 00300 allow ipv6-icmp from fe80::/10 to fe80::/10 00400 allow ipv6-icmp from fe80::/10 to ff02::/16 65000 allow ipv6 from any to any 65100 allow ipv6-icmp from any to any 65535 deny ipv6 from any to any but ping6 <v6-target outside> >>>> ping6: sendmsg: Permission denied Another problem since I've added IPV6FIREWALL: wwwoffles[563]: Failed to create and connect client socket. wwwoffles[563]: Cannot open the HTTP connection to .... [Permission denied]. wwwoffle is a proxyserver. Before I added the firewall v4 and v6 targets were reached correctly. Now v4-targets still work and v6 won't because wwwoffled can't create a socket. With type=open and its rules 65000+65100 every targets should be reachable or not? What about the socket problem? A socket should be created idependently of an existing firewall and if the rules would deny a target the connection couldn't be setup up ok. But why this socket error? Any ideas? thanks bert To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D6F9FB2.13836.1603709>