[ previous ] [ next ] [ threads ]
 From:  Letalis <l3t4l1s at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Beta 1.3b12 released
 Date:  Tue, 8 Jul 2008 09:48:33 +0200
I did an upgrade to b12 yesterday, everything worked just fine except the
fact that I have to add the DNS server on the clients. DNS forwarding didnt
work for me.
Im using a Alix board and 2 Vista and 2 XP clients.

Its a small problem but still quite irritating,

/Roger aka Letalis

2008/7/8 Michel Servaes <michel at mcmc dot be>:

> Installed over here... works great.
> Tried to activate IPv6, which didn't cause any problem - but I just can't
> use it somehow.
> I've added a rule, to allow my LAN to get outside (just a plain default
> rule : * * * * -> any)
> I always worked on IPv4 (disabled IPv6), and I tried to activate IPv6 as
> the only protocol, but it simply won't get an address... mind you, I'm still
> using the Realtek NICs as LAN cards - the Intel one is on it's way (it's
> really hard to find an Intel card in retail stores in Belgium - all the
> cards were equipped with realtek chipsets) :)
> I shall first have a look on the net, maybe I'm missing some information on
> how to use IPv6 on an IPv4 internet...
> Manuel Kasper wrote:
>> Hello m0n0wall users,
>> in case you've been wondering - no, I haven't fallen off the face of the
>> earth yet - just had other things than m0n0wall to keep me busy.
>> But not to worry - m0n0wall 1.3b12 is out, and there's a new feature: IPv6
>> support (routing and firewalling)! I realize that IPv6 is still a bit of a
>> geeky thing without much use/demand in real life, but maybe, hopefully, one
>> day... The base for this was actually contributed by Michael Hanselmann way
>> back in 2005, and with some modifications to reflect the changes in m0n0wall
>> since then, as well as a few fixes/improvements (most notably easy to
>> configure 6to4 support), it is now finally in an official release. (Belated)
>> Thanks, Michael!
>> IPv6 support must be explicitly enabled on the System: Advanced setup page
>> before any of the new options will become available. Also, by default there
>> are no firewall rules for IPv6, so everything is blocked. Make sure to add
>> at least a rule on your LAN interface for outbound connections if you want
>> to use IPv6.
>> Since it's the first release with IPv6 support, bugs in the implementation
>> are likely. As always, please post on the mailing list or in the forum if
>> you've found something odd (with a detailled description of what you did,
>> please). Also let us know if everything worked "out of the box". :)
>> If you don't have native IPv6 connectivity yet, don't worry: 6to4
>> tunneling is supported, which should work anywhere you've got a
>> (non-firewalled) public IPv4 address. Simply choose "6to4" for the IPv6 mode
>> on both the WAN and LAN interfaces - no need to manually configure any IPv6
>> addresses (check the IPv6 RA option on the LAN interface and your LAN hosts
>> will be able to automatically obtain an IPv6 address). It can also work with
>> dynamic WAN IPv4 addresses (LAN/OPT IPv6 subnets are adjusted
>> automatically). Note that some operating systems do not use IPv6 when
>> connecting to a host that supports both IPv4 and IPv6 if they are configured
>> with a 6to4 IPv6 address (-> RFC 3484), so use an IPv6-only host (try
>> http://ipv6.m0n0.ch) for browser testing, or simply do a "ping6".
>> If you've got native IPv6 connectivity (not supported over PPPoE/PPTP
>> yet), remember that you'll have to statically route your m0n0wall's LAN
>> subnet from your upstream router - there's no NAT for IPv6 in m0n0wall (and
>> it would be pretty pointless in most cases anyway :).
>> Also, if you've gotten it to work and need some IPv6 capable web sites to
>> try it out, have a look at http://sixy.ch (or http://ipv6.sixy.ch), a
>> directory of IPv6 enabled web sites.
>> In other news, m0n0wall now generates a self-signed SSL certificate and
>> key pair for the webGUI on the fly if there's none when switching from HTTP
>> to HTTPS - this should be much more secure than the default, shared one.
>> There's also a button on the System: Advanced page to regenerate the
>> cert/key - you may want to use that one if you've got existing configs with
>> HTTPS and no custom certificate.
>> Finally, a bug in ipnat has been fixed that I have found to cause rare and
>> thus hard to diagnose kernel panics on a non-m0n0wall system that I'm
>> managing.
>> Detailed change log and downloads:
>> http://m0n0.ch/wall/beta.php
>> Enjoy,
>> Manuel
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch