[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Can only access Debian website through proxy

On 8/5/10, Jochen Schulz <ml@well-adjusted.de> wrote:
> George-Cristian Bîrzan:
>> On Thu, 2010-08-05 at 21:56 +1000, pierre poulos wrote:
>>> Cannot initiate the connection to security.debian.org:21
>>> (2001:388:1034:2900::26). - connect (101 Network is unreachable) [IP:
>>> 2001:388:1034:2900::26 21]
>>
>> Try, as root:
>> sysctl -w net.ipv6.conf.all.disable_ipv6=1
>>
>> You seem to have a default route for IPv6, but no connectivity, so if
>> you want IPv6, you could try to fix that.
>
> ACK, that appears to be the problem. To make the sysctl setting
> permanent, you need to edit /etc/sysctl.conf and add a line
>
> net.ipv6.conf.all.disable_ipv6=1
>
> J.
> --
> My memories gild my life with rare transcendance.
> [Agree]   [Disagree]
>                  <http://www.slowlydownward.com/NODATA/data_enter2.html>
>

Ok, as root..

/home/pierre# sysctl -w net.ipv6.conf.all.disable_ipv6=1
error: "net.ipv6.conf.all.disable_ipv6" is an unknown key

Next -- Look for file /etc/sysctl.conf  --OK found it

Now, insert Jochens line --OK done

The file now shows..

#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additonal system variables
# See sysctl.conf (5) for information.
#

#kernel.domainname = example.com

# Uncomment the following to stop low-level messages on console
#kernel.printk = 4 4 1 7

##############################################################3
# Functions previously found in netbase
#

# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1

# Uncomment the next line to enable TCP/IP SYN cookies
# This disables TCP Window Scaling (http://lkml.org/lkml/2008/2/5/167),
# and is not recommended.
#net.ipv4.tcp_syncookies=1

# Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1

# Uncomment the next line to enable packet forwarding for IPv6
#net.ipv6.conf.all.forwarding=1
##################################################################

net.ipv6.conf.all.disable_ipv6=1


###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Ignore ICMP broadcasts
#net.ipv4.icmp_echo_ignore_broadcasts = 1
#
# Ignore bogus ICMP errors
#net.ipv4.icmp_ignore_bogus_error_responses = 1
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#
# The contents of /proc/<pid>/maps and smaps files are only visible to
# readers that are allowed to ptrace() the process
# kernel.maps_protect = 1


Now, reboot the machine
Now I try www.debian.org with no proxy and...  still no connection :-(

Oh and btw, I don't think I have ever used IPv6.
Reply to: