Difference between revisions of "Quattor and IPv6"

From PDP/Grid Wiki
Jump to navigationJump to search
 
Line 209: Line 209:
 
  >        }
 
  >        }
  
 
+
'''
NOTE: I need to remove the 'else', since it should't be an error that IPV6ADDR is not defined (This would be the case of sites with only IPv4):
+
'''TO DO''': I need to remove the 'else', since it shouldn't be an error that ''IPV6ADDR'' is not defined (This would be the case of sites with only IPv4):
  
 
  319a326,332
 
  319a326,332
Line 220: Line 220:
 
  >                              "ipv6address configured for $iface");
 
  >                              "ipv6address configured for $iface");
 
  >            }
 
  >            }
 
  
 
  387a401,404
 
  387a401,404
Line 246: Line 245:
  
  
 +
== Iptables component ==
  
 +
This component works with the path ''/software/components/iptables''. After a fist look at the component, it seems that not many changes are needed.
 +
The first one would be in the variable that contains the definition of the different iptables options. I haven't done any change yet, so what you see at ''-s'' (source) and ''-d'' (destiny) is for IPv4 addresses, but I guess also that can be improved, because if I'm not wrong, that also allows the address ''999.999.999.999''. Anyway, I need to find the right regular expression, so that it also allows '''IPv6''' addresses:
  
 
+
my %options_arg = ( '-A'              => "", #defined as "($regexp_chains)" on a table by table basis
== Iptables component ==
 
This component works with the path /software/components/iptables. After a fist look at the component, it seems that not many changes are needed.
 
The first one would be in the variable that contains the definition of the different iptables options. I haven't done any change yet, so what you see at '-s' (source) and '-d' (destiny) is for IPv4 addresses, but I guess also that can be improved, because if I'm not wrong, that also allows the address 999.999.999.999. Anyway, I need to find the right regular expression, so that it also allows IPv6 addresses:
 
my %options_arg = ( '-A'              => "", #defined as "($regexp_chains)" on a table by table basis
 
 
                     '-D'              => "",
 
                     '-D'              => "",
 
                     '-I'              => "",
 
                     '-I'              => "",
Line 260: Line 258:
 
                     '-s'              => '(\!?\s*\d{0,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}(\/\d{1,2}){0,1}|\S+)',
 
                     '-s'              => '(\!?\s*\d{0,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}(\/\d{1,2}){0,1}|\S+)',
 
                     '-d'              => '(\!?\s*\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}(\/\d{1,2}){0,1}|\S+)',
 
                     '-d'              => '(\!?\s*\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}(\/\d{1,2}){0,1}|\S+)',
...
+
...
 +
 
 +
I have also copied from the ip6tables man pages some extensions that would need to be included in the options hash table:
  
I have also copied from the ip6tables man pages some extensions that would need to be included in the options hash table:
+
=== icmp6 ===
icmp6  
 
 
This extension can be used if '--protocol ipv6-icmp' or '--protocol icmpv6' is specified. It provides the following option:  
 
This extension can be used if '--protocol ipv6-icmp' or '--protocol icmpv6' is specified. It provides the following option:  
 
[!] --icmpv6-type type[/code]|typename  
 
[!] --icmpv6-type type[/code]|typename  
Line 269: Line 268:
 
ip6tables -p ipv6-icmp -h
 
ip6tables -p ipv6-icmp -h
  
ipv6header  
+
=== ipv6header ===
 
This module matches IPv6 extension headers and/or upper layer header.  
 
This module matches IPv6 extension headers and/or upper layer header.  
 
--soft  
 
--soft  

Latest revision as of 12:17, 10 October 2012