[CentOS] IPv6 routing with 2 different prefixes
Hello I've got two prefixes, one /48 and one /64 let's say these two 2001:db8:0815::/48 2001:db8:4711:cafe::/64 the router has on it's ethernet interface the following to IPv6 addresses: 2001:db8:0815::1/48 2001:db8:4711:cafe::1/64 a windows box has 2001:db8:0815::17/48 and 2001:db8:0815::1 as it's gateway a linux box has 2001:db8:4711:cafe::11/64 and 2001:db8:4711:cafe::1 as it's gateway why can only the router do ping6 2001:db8:0815::17 and not the linux box? is there a missing IPv6 route? Thanks, Walter ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Iptables not save rules
> -Original Message- > From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On > Behalf Of John R Pierce > Sent: Sunday, September 11, 2016 10:44 PM > To: centos@centos.org > Subject: Re: [CentOS] Iptables not save rules > > On 9/11/2016 8:55 AM, TE Dukes wrote: > > I have been using ipset to blacklist badbots. Works like a champ! > > > > The only problem is if I do a system reboot, I lose the ipset and the rule. > > > > I changed /etc/sysconfig/iptables.conf to: > > > > IPTABLES_SAVE_ON_RESTART="yes" > > IPTABLES_SAVE_ON_STOP="yes" > > > > And followed the instructions in: > > > > https://www.centos.org/forums/viewtopic.php?t=3853 > > > > The changes are still not saved. > > wild guess says, you need to ... > > chkconfig on ipset > service ipset start > > and when you change ipset stuff, > > service ipset save > > > but I'm just guessing, I've never used ipsets. > > > -- > john r pierce, recycling bits in santa cruz [Thomas E Dukes] THANKS!! I did not realize ipset was running as a service. Been trying figure out what was wrong for a couple weeks. Only way to know is to do a reboot and see what happens. Ipset save xx apparently doesn't really do anything. Thanks, again!! ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Iptables not save rules
On Tue, Sep 13, 2016 at 08:16:28AM -0400, TE Dukes wrote: > > > > -Original Message- > > From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On > > Behalf Of John R Pierce > > Sent: Sunday, September 11, 2016 10:44 PM > > To: centos@centos.org > > Subject: Re: [CentOS] Iptables not save rules > > > > On 9/11/2016 8:55 AM, TE Dukes wrote: > > > I have been using ipset to blacklist badbots. Works like a champ! > > > > > > The only problem is if I do a system reboot, I lose the ipset and the > rule. > > > > > > I changed /etc/sysconfig/iptables.conf to: > > > > > > IPTABLES_SAVE_ON_RESTART="yes" > > > IPTABLES_SAVE_ON_STOP="yes" > > > > > > And followed the instructions in: > > > > > > https://www.centos.org/forums/viewtopic.php?t=3853 > > > > > > The changes are still not saved. > > > > wild guess says, you need to ... > > > > chkconfig on ipset > > service ipset start > > > > and when you change ipset stuff, > > > > service ipset save > > > > > > but I'm just guessing, I've never used ipsets. > > > > > > -- > > john r pierce, recycling bits in santa cruz > [Thomas E Dukes] > THANKS!! > > I did not realize ipset was running as a service. > > Been trying figure out what was wrong for a couple weeks. > > Only way to know is to do a reboot and see what happens. Ipset save xx > apparently doesn't really do anything. No, but ipset save blacklist > blacklist.save might. jl -- Jon H. LaBadie j...@jgcomp.com 11226 South Shore Rd. (703) 787-0688 (H) Reston, VA 20190 (703) 935-6720 (C) ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] IPv6 routing with 2 different prefixes
On 09/13/2016 12:03 AM, Walter H. wrote: why can only the router do ping6 2001:db8:0815::17 and not the linux box? It's not uncommon for systems to not route packets back out the interface where they were received. What kind of router is this? ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Iptables not save rules
On Tue, 13 Sep 2016, TE Dukes wrote: -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of John R Pierce Sent: Sunday, September 11, 2016 10:44 PM To: centos@centos.org Subject: Re: [CentOS] Iptables not save rules On 9/11/2016 8:55 AM, TE Dukes wrote: I have been using ipset to blacklist badbots. Works like a champ! The only problem is if I do a system reboot, I lose the ipset and the rule. I changed /etc/sysconfig/iptables.conf to: IPTABLES_SAVE_ON_RESTART="yes" IPTABLES_SAVE_ON_STOP="yes" And followed the instructions in: https://www.centos.org/forums/viewtopic.php?t=3853 The changes are still not saved. wild guess says, you need to ... chkconfig on ipset service ipset start and when you change ipset stuff, service ipset save but I'm just guessing, I've never used ipsets. -- john r pierce, recycling bits in santa cruz [Thomas E Dukes] THANKS!! I did not realize ipset was running as a service. Been trying figure out what was wrong for a couple weeks. Only way to know is to do a reboot and see what happens. Ipset save xx apparently doesn't really do anything. Thanks, again!! John R Pierce's wild guesses are exactly right. ipset is NOT running as a "traditional" service, however: service ipset start|stop|save load and save ipsets for you automagically. Notice that it's "service ipset save" not "ipset save " as you had typed. Finally, and this is a bit of a corner case, but "service ipset save" won't work if you don't have the "ip_set" kernel module loaded, that is if your environment has the kernel modules compiled in to the kernel. See lines 123 and 124 of /etc/rc.d/init.d/ipset Easiest thing for me is to just comment out those two lines, however I need to remember to comment them out again when the ipset rpm is updated. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
