The iptables services must be turned off to use the ip6tables service.
The first step in using ip6tables is to start the ip6tables service. This can be done with the command:
The introduction of the next-generation Internet Protocol, called IPv6, expands beyond the 32-bit address limit of IPv4 (or IP). IPv6 supports 128-bit addresses and, as such, carrier networks that are IPv6 aware are able to address a larger number of routable addresses than IPv4.
chkconfig iptables off
To make ip6tables start by default whenever the system is booted, change the runlevel status on the service using chkconfig.
The syntax is identical to iptables in every aspect except that ip6tables supports 128-bit addresses. For example, SSH connections on a IPv6-aware network server can be enabled with the following rule.
Reference -
http://www.ipv6.org/
http://www.netfilter.org/
http://www.tldp.org/
A list of common services and their port numbers can be found in /etc/services
3 Responses to “ip6tables”
Leave a Reply
You must be logged in to post a comment.
The first sentence of this blog is not strictly correct, iptables should only be turned off if you either remove all IPv4 addresses or do not wish to Firewall them.
ip6tables only handles IPv6 addresses.
This blog is regarding how to use the ip6tables service. The Red Hat and ip6tables documentation is adamant that ipchains, iptables and ip6tables are mutually exclusive, so the first line stop the running iptables and “chkconfig iptables off” stop it from being loaded at startup in the future.
If you have and IPv4+IPv6 network, you must set the kernel sysctl in
/proc/sys/net/ipv6/bindv6only
If this flag is set to false (zero), then the socket can be used to send and receive packets to and from an IPv6 address or an IPv4-mapped IPv6 address.
1therapy…
…