Q:when ip6tables should be used instead of iptables ?

Q:when ip6tables should be used instead of iptables ?

[Olshvang, LevX]

This question may  be sound trivial, of course when dealing with IPv6 addresses ip6tables is appropriate.

But if I have machine with dual IPv4/IPv6 stack , does it mean that netfilter have separate set of tables/chains for IPv4 and IPv6 so I need to have  2 set of commands to protect for example from syn flooding ?

Or in another terms which of iptable command are IPv4/v6 neutral?


Regards,
Lev 
---------------------------------------------------------------------
Intel Israel (74) Limited

This e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.

Re: Q:when ip6tables should be used instead of iptables ?

[Tyler J. Wagner]

On 2011-08-04 15:54, Olshvang, LevX wrote:
> Or in another terms which of iptable command are IPv4/v6 neutral?

None of them. iptables is an IPv4 filter. ip6tables is an IPv6 filter.
Yes, you must maintain two sets of firewall rules, or use a firewall
rules generator tool that does this for you.

Regards,
Tyler

-- 
"Offending fundamentalists isn't my goal – but if it is an inevitable
side-effect of defending human rights, so be it."
   -- Johann Hari