On 8/5/10, Jochen Schulz <m...@well-adjusted.de> wrote: > George-Cristian Bîrzan: >> On Thu, 2010-08-05 at 21:56 +1000, pierre poulos wrote: >>> Cannot initiate the connection to security.debian.org:21 >>> (2001:388:1034:2900::26). - connect (101 Network is unreachable) [IP: >>> 2001:388:1034:2900::26 21] >> >> Try, as root: >> sysctl -w net.ipv6.conf.all.disable_ipv6=1 >> >> You seem to have a default route for IPv6, but no connectivity, so if >> you want IPv6, you could try to fix that. > > ACK, that appears to be the problem. To make the sysctl setting > permanent, you need to edit /etc/sysctl.conf and add a line > > net.ipv6.conf.all.disable_ipv6=1 > > J. > -- > My memories gild my life with rare transcendance. > [Agree] [Disagree] > <http://www.slowlydownward.com/NODATA/data_enter2.html> >
Ok, as root.. /home/pierre# sysctl -w net.ipv6.conf.all.disable_ipv6=1 error: "net.ipv6.conf.all.disable_ipv6" is an unknown key Next -- Look for file /etc/sysctl.conf --OK found it Now, insert Jochens line --OK done The file now shows.. # # /etc/sysctl.conf - Configuration file for setting system variables # See /etc/sysctl.d/ for additonal system variables # See sysctl.conf (5) for information. # #kernel.domainname = example.com # Uncomment the following to stop low-level messages on console #kernel.printk = 4 4 1 7 ##############################################################3 # Functions previously found in netbase # # Uncomment the next two lines to enable Spoof protection (reverse-path filter) # Turn on Source Address Verification in all interfaces to # prevent some spoofing attacks #net.ipv4.conf.default.rp_filter=1 #net.ipv4.conf.all.rp_filter=1 # Uncomment the next line to enable TCP/IP SYN cookies # This disables TCP Window Scaling (http://lkml.org/lkml/2008/2/5/167), # and is not recommended. #net.ipv4.tcp_syncookies=1 # Uncomment the next line to enable packet forwarding for IPv4 #net.ipv4.ip_forward=1 # Uncomment the next line to enable packet forwarding for IPv6 #net.ipv6.conf.all.forwarding=1 ################################################################## net.ipv6.conf.all.disable_ipv6=1 ################################################################### # Additional settings - these settings can improve the network # security of the host and prevent against some network attacks # including spoofing attacks and man in the middle attacks through # redirection. Some network environments, however, require that these # settings are disabled so review and enable them as needed. # # Ignore ICMP broadcasts #net.ipv4.icmp_echo_ignore_broadcasts = 1 # # Ignore bogus ICMP errors #net.ipv4.icmp_ignore_bogus_error_responses = 1 # # Do not accept ICMP redirects (prevent MITM attacks) #net.ipv4.conf.all.accept_redirects = 0 #net.ipv6.conf.all.accept_redirects = 0 # _or_ # Accept ICMP redirects only for gateways listed in our default # gateway list (enabled by default) # net.ipv4.conf.all.secure_redirects = 1 # # Do not send ICMP redirects (we are not a router) #net.ipv4.conf.all.send_redirects = 0 # # Do not accept IP source route packets (we are not a router) #net.ipv4.conf.all.accept_source_route = 0 #net.ipv6.conf.all.accept_source_route = 0 # # Log Martian Packets #net.ipv4.conf.all.log_martians = 1 # # The contents of /proc/<pid>/maps and smaps files are only visible to # readers that are allowed to ptrace() the process # kernel.maps_protect = 1 Now, reboot the machine Now I try www.debian.org with no proxy and... still no connection :-( Oh and btw, I don't think I have ever used IPv6. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktim-fj+1bd82k-ydfbzsphzpn++pdrvdmznyd...@mail.gmail.com
