Bug#701200: default rules should be applied to both IPv4 and IPv6

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#701200: default rules should be applied to both IPv4 and IPv6
From: Philipp Kern <pkern@debian.org>
Date: Fri, 22 Feb 2013 18:33:13 +0100
Message-id: <[🔎] 20130222173312.16208.29408.reportbug@spike.0x539.de>
Reply-to: Philipp Kern <pkern@debian.org>, 701200@bugs.debian.org

Package: ferm
Version: 2.1-5
Severity: normal
Tags: ipv6

The ferm default ruleset only applies to IPv4. It does not touch IPv6 at all. I
think it should instead apply the same ruleset using domain (ip ip6) to both
address families. Sadly the IPsec rules do not work as-is with IPv6,
instead of ESP and AH "mod ipv6header header (esp ah) ACCEPT" needs to be used.

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (300, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages ferm depends on:
ii  debconf   1.5.49
ii  iptables  1.4.14-3
ii  lsb-base  4.1+Debian8
ii  perl      5.14.2-18

Versions of packages ferm recommends:
ii  libnet-dns-perl  0.66-2+b2

ferm suggests no packages.

-- Configuration Files:
/etc/ferm/ferm.conf [Errno 13] Permission denied: u'/etc/ferm/ferm.conf'

-- debconf information excluded

Reply to:

Prev by Date: Re: connected route
Next by Date: IP sent by DNSv6 Server
Previous by thread: Re: connected route
Next by thread: IP sent by DNSv6 Server
Index(es):
- Date
- Thread