<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML ><HEAD ><TITLE >Firewalling using netfilter6 </TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK REL="HOME" TITLE="Linux IPv6 HOWTO (en)" HREF="index.html"><LINK REL="UP" TITLE="Firewalling" HREF="chapter-firewalling-security.html"><LINK REL="PREVIOUS" TITLE="Firewalling" HREF="chapter-firewalling-security.html"><LINK REL="NEXT" TITLE="Preparation" HREF="x2103.html"></HEAD ><BODY CLASS="SECT1" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="3" ALIGN="center" >Linux IPv6 HOWTO (en)</TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="bottom" ><A HREF="chapter-firewalling-security.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="80%" ALIGN="center" VALIGN="bottom" >Chapter 17. Firewalling</TD ><TD WIDTH="10%" ALIGN="right" VALIGN="bottom" ><A HREF="x2103.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="SECT1" ><H1 CLASS="SECT1" ><A NAME="FIREWALLING-NETFILTER6." ></A >17.1. Firewalling using netfilter6</H1 ><P >Native IPv6 firewalling is only supported in kernel versions 2.4+. In older 2.2- you can only filter IPv6-in-IPv4 by protocol 41. </P ><P >Attention: no warranty that described rules or examples can really protect your system! </P ><P >Audit your ruleset after installation, see <A HREF="ipv6-security-auditing.html" >Section 18.3</A > for more.</P ><P >Since kernel version 2.6.20 IPv6 connection tracking is fully working (and does not break IPv4 NAT anymore like versions before)</P ><DIV CLASS="SECT2" ><H2 CLASS="SECT2" ><A NAME="AEN2088" ></A >17.1.1. More information</H2 ><P ></P ><UL ><LI ><P ><A HREF="http://www.netfilter.org/" TARGET="_top" >Netfilter project</A ></P ></LI ><LI ><P ><A HREF="https://lists.netfilter.org/mailman/listinfo/netfilter" TARGET="_top" >maillist archive of netfilter users</A ></P ></LI ><LI ><P ><A HREF="https://lists.netfilter.org/mailman/listinfo/netfilter-devel" TARGET="_top" >maillist archive of netfilter developers</A ></P ></LI ><LI ><P ><A HREF="http://www.bieringer.de/linux/IPv6/status/IPv6+Linux-status-kernel.html#netfilter6 " TARGET="_top" >Unofficial status informations</A ></P ></LI ></UL ></DIV ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="chapter-firewalling-security.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="x2103.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >Firewalling</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="chapter-firewalling-security.html" ACCESSKEY="U" >Up</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >Preparation</TD ></TR ></TABLE ></DIV ></BODY ></HTML >