* Re: [netfilter-core] ip6tables question
[not found] <200503301301.j2UD10rV019959@future.co.kr>
@ 2005-03-30 15:23 ` Harald Welte
2005-03-31 12:07 ` Mohamed Eldesoky
0 siblings, 1 reply; 2+ messages in thread
From: Harald Welte @ 2005-03-30 15:23 UTC (permalink / raw)
To: kesan; +Cc: coreteam, netfilter
[-- Attachment #1: Type: text/plain, Size: 1409 bytes --]
On Wed, Mar 30, 2005 at 10:19:11PM +0900, kesan wrote:
> Hello?
>
> I need to capture IPv6 packets in the prerouting stage and redirect them to
> another host/port. Is there a target extension for ip6tables for
> redirecting, like "REDIRECT" for iptables?
Please read http://www.netfilter.org/contact.html. Don't ask usage
questions to the core team, please.
Regarding your question: There is unfortunately no REDIRECT for
ip6tables at this moment. We're currently discussing some ideas how to
implement REDIRECT like functionality (for transparent proxes on the
local host) without requiring NAT. This discussion is not finished, and
there is no implementation so far.
> When is support NAT table for Ip6tables?
Only over my dead body. We will never implement ipv6-to-ipv6 network
address translation as long as I have any say in netfilter/iptables
development. NAT is evil and causes horrible breakage of end-to-end on
the internet. IPv6 has enough addresses and therefore no justification
for NAT.
--
- Harald Welte <laforge@netfilter.org> http://netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [netfilter-core] ip6tables question
2005-03-30 15:23 ` [netfilter-core] ip6tables question Harald Welte
@ 2005-03-31 12:07 ` Mohamed Eldesoky
0 siblings, 0 replies; 2+ messages in thread
From: Mohamed Eldesoky @ 2005-03-31 12:07 UTC (permalink / raw)
To: Harald Welte, netfilter
On Wed, 30 Mar 2005 17:23:16 +0200, Harald Welte <laforge@netfilter.org> wrote:
> On Wed, Mar 30, 2005 at 10:19:11PM +0900, kesan wrote:
> > When is support NAT table for Ip6tables?
>
> Only over my dead body. We will never implement ipv6-to-ipv6 network
> address translation as long as I have any say in netfilter/iptables
> development. NAT is evil and causes horrible breakage of end-to-end on
> the internet. IPv6 has enough addresses and therefore no justification
> for NAT.
>
> --
> - Harald Welte <laforge@netfilter.org> http://netfilter.org/
> ============================================================================
> "Fragmentation is like classful addressing -- an interesting early
> architectural error that shows how much experimentation was going
> on while IP was being designed." -- Paul Vixie
>
>
>
One of the benefits of IPv6 is that we get ride of NATing, so, don't
think to re-use NATing in IPv6 networks.
--
Mohamed Eldesoky
www.eldesoky.net
RHCE
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2005-03-31 12:07 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <200503301301.j2UD10rV019959@future.co.kr>
2005-03-30 15:23 ` [netfilter-core] ip6tables question Harald Welte
2005-03-31 12:07 ` Mohamed Eldesoky
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox