From mboxrd@z Thu Jan  1 00:00:00 1970
From: Thilo Schulz <arny@ats.s.bawue.de>
Date: Tue, 02 Sep 2003 12:06:15 +0000
Subject: Re: [LARTC] Classifying IPv6 tunnel traffic
Message-Id: <marc-lartc-106250447701679@msgid-missing>
List-Id: <lartc.vger.kernel.org>
References: <marc-lartc-106243721415155@msgid-missing>
In-Reply-To: <marc-lartc-106243721415155@msgid-missing>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday 01 September 2003 21:27, Jose Luis Domingo Lopez wrote:
> 6to4 IP traffic (I think this is its name, IPv6 traffic encapsulated
> into IPv4 packets) can be easily identified. They are regular IPv4
> packets, with a "protocol" field of 0x29, or decimal 41.

Thank you, that was exactly the information I needed, though I could probably 
also have consulted /etc/protocols myself d'oh ..

> So use iptables and match packets on protocol.

"u32 match ip protocol 41 0xff"  does the job pretty well :)

> What you can't do (to the
> best of my knowledge) if going deeper into the packets, and see if IPv6
> pakects inside the IPv4 ones are of some kind or another.

2. I wasn't planning on doing that ;)

- -- 
 - Thilo Schulz

My public GnuPG key is available at http://home.bawue.de/~arny/public_key.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/VIe/Zx4hBtWQhl4RAp47AKCD8PdEO3b7Qmfe3wNN2B0/mpb/RACghi7C
j3QnJTzFhmp7WsbA/CmO15U=9QBS
-----END PGP SIGNATURE-----

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/