Package: kernel-image-2.6.8-2-686-smp
Version: 2.6.8-16
Severity: important


Hello

I just had a few problems I cannot explain except as a kernel bug:

I have to secure a box in such a way that it is not accessible from unallowed 
networks.

So this is my code:

iptables -P INPUT DROP
ip6tables -P INPUT DROP
#-----------------------------------------------
# IPv4 stateful
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -s 157.161.4.0/24 -j ACCEPT
iptables -A INPUT -p tcp --destination-port http -j ACCEPT
iptables -A INPUT -p tcp --destination-port nsca -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
#-----------------------------------------------
# IPv6 (not stateful)
ip6tables -A INPUT -i lo -j ACCEPT
ip6tables -A INPUT -s 2001:4060:1:4133::/64 -j ACCEPT
ip6tables -A INPUT -p tcp --destination-port http -j ACCEPT
ip6tables -A INPUT -p tcp ! --syn -j ACCEPT


After this code everything is fine for about 10 minutes (from within 
2001:4060:1:4133::/64). 
And then, suddenly the machine is not reachable via IPv6 anymore.

ip6tables -F and reloading the rules solves the problem for the next 10 minutes 
or so...

Any idea?

Regards
-Benoit-


-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686-smp
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages kernel-image-2.6.8-2-686-smp depends on:
ii  coreutils [fileutils]         5.2.1-2    The GNU core utilities
ii  initrd-tools                  0.1.81.1   tools to create initrd image for p
ii  module-init-tools             3.2-pre1-2 tools for managing Linux kernel mo

-- no debconf information
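
The IPv6 rules in the report contain no ICMPv6 rule, and IPv6 neighbour discovery (RFC 4861) is carried in ICMPv6; router advertisements always use a link-local source address. The following is an added example, not part of the original report: a small Python evaluator that walks an ip6tables INPUT chain and lists which neighbour discovery messages fall through to the chain policy. The source address fe80::1, the interface name eth0 and the FIXED ruleset are constructed assumptions.

```python
import ipaddress
import shlex
# ICMPv6 type numbers of the neighbour discovery messages (RFC 4861).
ND_TYPES = {133: "router-solicitation", 134: "router-advertisement",
            135: "neighbour-solicitation", 136: "neighbour-advertisement"}
# IPv6 rules copied from the report.
PAGE_RULES = """\
ip6tables -P INPUT DROP
ip6tables -A INPUT -i lo -j ACCEPT
ip6tables -A INPUT -s 2001:4060:1:4133::/64 -j ACCEPT
ip6tables -A INPUT -p tcp --destination-port http -j ACCEPT
ip6tables -A INPUT -p tcp ! --syn -j ACCEPT
"""
# Constructed variant (assumption): the same rules plus one ACCEPT per ND type.
FIXED = PAGE_RULES + "".join(
    f"ip6tables -A INPUT -p icmpv6 --icmpv6-type {n} -j ACCEPT\n"
    for n in ND_TYPES.values())

def matches(rule, pkt):
    """True if every match option in the rule applies to the ICMPv6 packet pkt."""
    it = iter(rule)
    for opt in it:
        if opt == "-j":
            return True
        if opt == "-i":
            ok = next(it) == pkt["iface"]
        elif opt == "-s":
            ok = pkt["src"] in ipaddress.ip_network(next(it), strict=False)
        elif opt == "-p":
            ok = next(it) in ("icmpv6", "ipv6-icmp", "58")
        elif opt == "--icmpv6-type":
            ok = next(it) in (str(pkt["type"]), ND_TYPES[pkt["type"]])
        else:
            ok = False  # ports, --syn, "!" are TCP-only or unmodelled: no match
        if not ok:
            return False
    return False

def dropped_nd(ruleset, src="fe80::1", iface="eth0"):
    """Names of ND messages from src on iface that the INPUT chain does not accept."""
    lines = [shlex.split(l, comments=True) for l in ruleset.splitlines()]
    policy = [t[3] for t in lines if t[:3] == ["ip6tables", "-P", "INPUT"]][-1]
    rules = [t[3:] for t in lines if t[:3] == ["ip6tables", "-A", "INPUT"]]
    def target(pkt):
        hit = next((r for r in rules if matches(r, pkt)), None)
        return hit[hit.index("-j") + 1] if hit else policy
    src = ipaddress.ip_address(src)
    return [name for t, name in ND_TYPES.items()
            if target({"src": src, "iface": iface, "type": t}) != "ACCEPT"]
```

With the report's rules, all four message types from a link-local neighbour reach the DROP policy, while the same messages sent from an address inside 2001:4060:1:4133::/64 are accepted by the source rule.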

