[pve-devel] pve-firewall : ipv6 support ?
Dietmar Maurer
dietmar at proxmox.com
Fri Jun 27 06:26:46 CEST 2014
> what about to add ipv6 support to firewall ?
Yes, we really need that, so it would be great if you can work on that.
> do you think it's very different than ipv4 ?
Not really. I first thought we can just add another section called [v6rules],
but it is maybe easier to simply add special rule types 'v6in' and 'v6out' instead.
Not sure what is easier.
> I found theses differences:
>
> - ip6tables-save, ip6tables-restore
>
> - icmp rules : -p icmpv6 --icmpv6-type
Yes, we need to call ip6tables. I think we will find any further differences when we implement that ;-)
> ipset:
> create xhash:net family inet6
This should be easy to implement.
> -venet don't support ipv6 I think (also not supported by proxmox gui ?)
AFAIK venet supports ipv6 (you can even add v6 addresses on our GUI).
More information about the pve-devel
mailing list