diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html
index f926d6c7..10d6e104 100644
--- a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html
+++ b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html
@@ -4,7 +4,6 @@
 ><TITLE
 >Linux IPv6 HOWTO (de)</TITLE
 ><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"
-><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"
 ><META
 NAME="GENERATOR"
 CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
@@ -63,7 +62,7 @@ ALIGN="LEFT"
 >Version 0.66wip.de.1</TD
 ><TD
 ALIGN="LEFT"
->2013-05-13</TD
+>2014-05-02</TD
 ><TD
 ALIGN="LEFT"
 >Geändert durch: PB</TD
@@ -426,7 +425,7 @@ HREF="#AEN1188"
 ></DT
 ><DT
 >9.2. <A
-HREF="#AEN1265"
+HREF="#AEN1273"
 >Bestehende Tunnel anzeigen</A
 ></DT
 ><DT
@@ -450,17 +449,17 @@ HREF="#CHAPTER-CONFIGURING-IPV4-IN-IPV6-TUNNELS"
 ><DL
 ><DT
 >10.1. <A
-HREF="#AEN1389"
+HREF="#AEN1397"
 >Anzeigen von existierenden Tunnels</A
 ></DT
 ><DT
 >10.2. <A
-HREF="#AEN1396"
+HREF="#AEN1404"
 >Konfiguration eines Punkt-zu-Punkt Tunnels</A
 ></DT
 ><DT
 >10.3. <A
-HREF="#AEN1402"
+HREF="#AEN1410"
 >Löschen von Punkt-zu-Punkt-Tunnels</A
 ></DT
 ></DL
@@ -474,7 +473,7 @@ HREF="#CHAPTER-KERNEL-SETTINGS"
 ><DL
 ><DT
 >11.1. <A
-HREF="#AEN1411"
+HREF="#AEN1419"
 >Zugriff auf das /proc-Dateisystem</A
 ></DT
 ><DT
@@ -513,7 +512,7 @@ HREF="#NETWORK-DEBUGGING"
 ><DL
 ><DT
 >14.1. <A
-HREF="#AEN1920"
+HREF="#AEN1928"
 >Server Socket-Anbindung</A
 ></DT
 ><DT
@@ -532,12 +531,12 @@ HREF="#CHAPTER-SUPPORT-PERSISTENT-CONFIGURATION"
 ><DL
 ><DT
 >15.1. <A
-HREF="#AEN1972"
+HREF="#AEN1980"
 >Red Hat Linux und “Klone”</A
 ></DT
 ><DT
 >15.2. <A
-HREF="#AEN2010"
+HREF="#AEN2018"
 >SuSE Linux</A
 ></DT
 ><DT
@@ -556,17 +555,17 @@ HREF="#CHAPTER-AUTOCONFIGURATION"
 ><DL
 ><DT
 >16.1. <A
-HREF="#AEN2062"
+HREF="#AEN2070"
 >Stateless Auto-Konfiguration (out-of-the-box)</A
 ></DT
 ><DT
 >16.2. <A
-HREF="#AEN2067"
+HREF="#AEN2075"
 >Stateless Auto-Konfiguration unter Verwendung des Router Advertisement Daemon (radvd)</A
 ></DT
 ><DT
 >16.3. <A
-HREF="#AEN2071"
+HREF="#AEN2079"
 >Dynamic Host Configuration Protocol v6 (DHCPv6)</A
 ></DT
 ></DL
@@ -580,7 +579,7 @@ HREF="#CHAPTER-MOBILITY"
 ><DL
 ><DT
 >17.1. <A
-HREF="#AEN2090"
+HREF="#AEN2098"
 >Allgemeines</A
 ></DT
 ></DL
@@ -599,12 +598,12 @@ HREF="#FIREWALLING-NETFILTER6."
 ></DT
 ><DT
 >18.2. <A
-HREF="#AEN2173"
+HREF="#AEN2183"
 >Vorbereitung</A
 ></DT
 ><DT
 >18.3. <A
-HREF="#AEN2251"
+HREF="#AEN2261"
 >Verwendung</A
 ></DT
 ><DT
@@ -612,6 +611,11 @@ HREF="#AEN2251"
 HREF="#NAT-NETFILTER6."
 >Network Address Translation (NAT) mit netfilter6</A
 ></DT
+><DT
+>18.5. <A
+HREF="#AEN2406"
+>Firewall-Setup mit nftables</A
+></DT
 ></DL
 ></DD
 ><DT
@@ -623,12 +627,12 @@ HREF="#CHAPTER-SECURITY"
 ><DL
 ><DT
 >19.1. <A
-HREF="#AEN2398"
+HREF="#AEN2442"
 >Sicherheit des Knoten</A
 ></DT
 ><DT
 >19.2. <A
-HREF="#AEN2402"
+HREF="#AEN2446"
 >Zugangsbeschränkungen</A
 ></DT
 ><DT
@@ -647,22 +651,22 @@ HREF="#CHAPTER-ENCRYPTION-AUTHENTICATION"
 ><DL
 ><DT
 >20.1. <A
-HREF="#AEN2455"
+HREF="#AEN2499"
 >Nutzungsarten von Verschlüsselung und Authentifizierung</A
 ></DT
 ><DT
 >20.2. <A
-HREF="#AEN2466"
+HREF="#AEN2510"
 >Unterstützung im Kernel (ESP und AH)</A
 ></DT
 ><DT
 >20.3. <A
-HREF="#AEN2476"
+HREF="#AEN2520"
 >Automatischer Schlüssel-Austausch (IKE)</A
 ></DT
 ><DT
 >20.4. <A
-HREF="#AEN2538"
+HREF="#AEN2582"
 >Anmerkungen:</A
 ></DT
 ></DL
@@ -676,12 +680,12 @@ HREF="#CHAPTER-QOS"
 ><DL
 ><DT
 >21.1. <A
-HREF="#AEN2550"
+HREF="#AEN2594"
 >General</A
 ></DT
 ><DT
 >21.2. <A
-HREF="#AEN2554"
+HREF="#AEN2598"
 >Linux QoS mit “tc”</A
 ></DT
 ></DL
@@ -764,7 +768,7 @@ HREF="#CHAPTER-SECTION-USING-API"
 ></DT
 ><DT
 >23.2. <A
-HREF="#AEN2912"
+HREF="#AEN2956"
 >Andere Programmiersprachen</A
 ></DT
 ></DL
@@ -798,7 +802,7 @@ HREF="#INFORMATION-ONLINEINFORMATION"
 ></DT
 ><DT
 >25.4. <A
-HREF="#AEN3579"
+HREF="#AEN3621"
 >IPv6 Infrastruktur</A
 ></DT
 ><DT
@@ -825,7 +829,7 @@ HREF="#INFORMATION-ONLINEDISCOVERY"
 ></DD
 ><DT
 >26. <A
-HREF="#AEN3962"
+HREF="#AEN4004"
 >Versions-Überblick / Danksagung / Zum Schluss</A
 ></DT
 ><DD
@@ -842,7 +846,7 @@ HREF="#CREDITS"
 ></DT
 ><DT
 >26.3. <A
-HREF="#AEN4191"
+HREF="#AEN4233"
 >Zum Schluss</A
 ></DT
 ></DL
@@ -878,11 +882,11 @@ NAME="AEN37"
 >1.1.1. Copyright</A
 ></H3
 ><P
->Verfasst von und urheberrechtlich geschützt durch Peter Bieringer © 2001-2013.</P
+>Verfasst von und urheberrechtlich geschützt durch Peter Bieringer © 2001-2014.</P
 ><P
 >Deutsche Übersetzung:</P
 ><P
->Verfasst von und urheberrechtlich geschützt durch Georg Käfer © 2002-2003, weitergeführt von Peter Bieringer © 2004-2013.</P
+>Verfasst von und urheberrechtlich geschützt durch Georg Käfer © 2002-2003, weitergeführt von Peter Bieringer © 2004-2014.</P
 ></DIV
 ><DIV
 CLASS="SECT2"
@@ -897,7 +901,7 @@ NAME="AEN42"
 ><P
 >Dieses Linux IPv6 HOWTO ist ein Handbuch zur Anwendung und Konfiguration von IPv6 auf Linux-Systemen. </P
 ><P
->Copyright © 2001-2013 Peter Bieringer
+>Copyright © 2001-2014 Peter Bieringer
 Deutsche Übersetzung Copyright © 2002-2003 Georg Käfer, weitergeführt von Peter Bieringer © 2004-2013.</P
 ><P
 >Diese Dokumentation ist freie Software; Sie können diese unter den Bedingungen der GNU General Public License, wie von der Free Software Foundation publiziert, entweder unter Version 2 oder optional jede höhere Version redistribuieren und/oder modifizieren.</P
@@ -5941,13 +5945,35 @@ TARGET="_top"
 >Ein entfernter Tunnel-Endpunkt muss dazu in der Lage sein, ihr IPv6 Präfix bis zu Ihrem lokalen Tunnel-Endpunkt zu routen (wobei meistens manuelle Konfiguration notwendig wird).</P
 ></LI
 ></UL
+><P
+>Statische Tunnelprovider:</P
+><P
+></P
+><UL
+><LI
+><P
+><A
+HREF="http://he.com/"
+TARGET="_top"
+>Hurricane Electric</A
+></P
+></LI
+><LI
+><P
+><A
+HREF="http://www.sixxs.net/"
+TARGET="_top"
+>SixXS</A
+></P
+></LI
+></UL
 ></DIV
 ><DIV
 CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1210"
+NAME="AEN1218"
 >9.1.2. Automatische Tunnel</A
 ></H3
 ><P
@@ -5972,7 +5998,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1217"
+NAME="AEN1225"
 >9.1.3.1. Erstellen eines 6to4 Präfixes</A
 ></H4
 ><P
@@ -6010,7 +6036,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1224"
+NAME="AEN1232"
 >9.1.3.2. 6to4 Tunnel zum Upstream</A
 ></H4
 ><P
@@ -6031,7 +6057,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1230"
+NAME="AEN1238"
 >9.1.3.3. 6to4 Tunnel zum Downstream</A
 ></H4
 ><P
@@ -6054,7 +6080,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1238"
+NAME="AEN1246"
 >9.1.3.4. Möglicher 6to4 Verkehr</A
 ></H4
 ><P
@@ -6082,7 +6108,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1248"
+NAME="AEN1256"
 >9.1.4. UDP gekapselte IPv6 Tunnels</A
 ></H3
 ><P
@@ -6092,7 +6118,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1251"
+NAME="AEN1259"
 >9.1.4.1. Teredo Tunnel</A
 ></H4
 ><P
@@ -6115,7 +6141,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1257"
+NAME="AEN1265"
 >9.1.4.2. AYIYA Tunnel</A
 ></H4
 ><P
@@ -6123,14 +6149,14 @@ NAME="AEN1257"
 HREF="http://www.sixxs.net/"
 TARGET="_top"
 >SixXS</A
-> has also IPv6-in-UDP-in-IPv4 (5072/udp) capability, for using it, the AYIYA mode must be enabled.</P
+> bietet auch einen IPv6-in-UDP-in-IPv4 (5072/udp) Tunnel an, zur Nutzung muss der Modus AYIYA aktiviert werden.</P
 ></DIV
 ><DIV
 CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1261"
+NAME="AEN1269"
 >9.1.4.3. gogo6 Tunnel</A
 ></H4
 ><P
@@ -6138,7 +6164,7 @@ NAME="AEN1261"
 HREF="http://gogo6.com/"
 TARGET="_top"
 >gogo6</A
-> has also IPv6-in-UDP-in-IPv4 (3653/udp) capability, for using it, the v6udpv4 mode must be enabled.</P
+> bietet auch einen IPv6-in-UDP-in-IPv4 (3653/udp) Tunnel an, zur Nutzung muss der Modus v6udpv4 aktiviert werden.</P
 ></DIV
 ></DIV
 ></DIV
@@ -6147,7 +6173,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN1265"
+NAME="AEN1273"
 >9.2. Bestehende Tunnel anzeigen</A
 ></H2
 ><DIV
@@ -6155,7 +6181,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1267"
+NAME="AEN1275"
 >9.2.1. Verwendung von "ip"</A
 ></H3
 ><P
@@ -6200,7 +6226,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1273"
+NAME="AEN1281"
 >9.2.2. Verwendung von "route"</A
 ></H3
 ><P
@@ -6269,7 +6295,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1285"
+NAME="AEN1293"
 >9.3.1. Einen Punkt-zu-Punkt Tunnel hinzufügen</A
 ></H3
 ><DIV
@@ -6277,7 +6303,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1287"
+NAME="AEN1295"
 >9.3.1.1. Verwendung von "ip"</A
 ></H4
 ><P
@@ -6336,7 +6362,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1294"
+NAME="AEN1302"
 >9.3.1.2. Verwendung von "ifconfig" und "route" (nicht empfehlenswert)</A
 ></H4
 ><P
@@ -6378,7 +6404,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1300"
+NAME="AEN1308"
 >9.3.1.3. Verwendung allein von "route"</A
 ></H4
 ><P
@@ -6416,7 +6442,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1306"
+NAME="AEN1314"
 >9.3.2. Punkt-zu-Punkt Tunnel entfernen</A
 ></H3
 ><P
@@ -6426,7 +6452,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1309"
+NAME="AEN1317"
 >9.3.2.1. Verwendung von "ip"</A
 ></H4
 ><P
@@ -6479,7 +6505,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1315"
+NAME="AEN1323"
 >9.3.2.2. Verwendung von "ifconfig" und "route" (nicht empfehlenswert, da unbequem)</A
 ></H4
 ><P
@@ -6516,7 +6542,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1320"
+NAME="AEN1328"
 >9.3.2.3. Verwendung von "route"</A
 ></H4
 ><P
@@ -6552,7 +6578,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1325"
+NAME="AEN1333"
 >9.3.3. Nummerierte Punkt-zu-Punkt Tunnel</A
 ></H3
 ><P
@@ -6577,7 +6603,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1332"
+NAME="AEN1340"
 >9.4.1. 6to4 Tunnel hinzufügen</A
 ></H3
 ><P
@@ -6657,7 +6683,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1344"
+NAME="AEN1352"
 >9.4.1.1. Verwendung von "ip" und einem dedizierten Tunnel-Device</A
 ></H4
 ><P
@@ -6754,7 +6780,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1357"
+NAME="AEN1365"
 >9.4.1.2. Verwendung von "ifconfig" und "route" sowie einem generischen Tunnel-Device "sit0" (nicht empfehlenswert)</A
 ></H4
 ><P
@@ -6817,7 +6843,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1366"
+NAME="AEN1374"
 >9.4.2. 6to4 Tunnel entfernen</A
 ></H3
 ><DIV
@@ -6825,7 +6851,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1368"
+NAME="AEN1376"
 >9.4.2.1. Verwendung von "ip" und einem dedizierten Tunnel-Device</A
 ></H4
 ><P
@@ -6885,7 +6911,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1376"
+NAME="AEN1384"
 >9.4.2.2. Verwendung von "ifconfig" und "route" sowie einem generischen Tunnel-Device "sit0" (nicht empfehlenswert)</A
 ></H4
 ><P
@@ -6963,7 +6989,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN1389"
+NAME="AEN1397"
 >10.1. Anzeigen von existierenden Tunnels</A
 ></H2
 ><P
@@ -7010,7 +7036,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN1396"
+NAME="AEN1404"
 >10.2. Konfiguration eines Punkt-zu-Punkt Tunnels</A
 ></H2
 ><P
@@ -7063,7 +7089,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN1402"
+NAME="AEN1410"
 >10.3. Löschen von Punkt-zu-Punkt-Tunnels</A
 ></H2
 ><P
@@ -7126,7 +7152,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN1411"
+NAME="AEN1419"
 >11.1. Zugriff auf das /proc-Dateisystem</A
 ></H2
 ><DIV
@@ -7134,7 +7160,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1413"
+NAME="AEN1421"
 >11.1.1. Verwendung von "cat" und "echo"</A
 ></H3
 ><P
@@ -7201,7 +7227,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1428"
+NAME="AEN1436"
 >11.1.1.1. Wert anzeigen</A
 ></H4
 ><P
@@ -7228,7 +7254,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1432"
+NAME="AEN1440"
 >11.1.1.2. Wert einstellen</A
 ></H4
 ><P
@@ -7255,7 +7281,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1436"
+NAME="AEN1444"
 >11.1.2. Verwendung von "sysctl"</A
 ></H3
 ><P
@@ -7290,7 +7316,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1444"
+NAME="AEN1452"
 >11.1.2.1. Wert anzeigen</A
 ></H4
 ><P
@@ -7317,7 +7343,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1448"
+NAME="AEN1456"
 >11.1.2.2. Wert einstellen</A
 ></H4
 ><P
@@ -7362,7 +7388,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1454"
+NAME="AEN1462"
 >11.1.2.3. Sonstiges</A
 ></H4
 ><P
@@ -7378,7 +7404,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1459"
+NAME="AEN1467"
 >11.1.3. Werte im /proc-Dateisystem</A
 ></H3
 ><P
@@ -7414,7 +7440,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1471"
+NAME="AEN1479"
 >11.2.1. conf/default/*</A
 ></H3
 ><P
@@ -7425,7 +7451,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1474"
+NAME="AEN1482"
 >11.2.2. conf/all/*</A
 ></H3
 ><P
@@ -7437,7 +7463,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1478"
+NAME="AEN1486"
 >11.2.2.1. conf/all/forwarding</A
 ></H4
 ><P
@@ -7466,7 +7492,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1488"
+NAME="AEN1496"
 >11.2.3. conf/interface/*</A
 ></H3
 ><P
@@ -7478,7 +7504,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1492"
+NAME="AEN1500"
 >11.2.3.1. accept_ra</A
 ></H4
 ><P
@@ -7501,7 +7527,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1500"
+NAME="AEN1508"
 >11.2.3.2. accept_redirects</A
 ></H4
 ><P
@@ -7524,7 +7550,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1508"
+NAME="AEN1516"
 >11.2.3.3. autoconf</A
 ></H4
 ><P
@@ -7547,7 +7573,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1516"
+NAME="AEN1524"
 >11.2.3.4. dad_transmits</A
 ></H4
 ><P
@@ -7570,7 +7596,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1524"
+NAME="AEN1532"
 >11.2.3.5. forwarding</A
 ></H4
 ><P
@@ -7653,7 +7679,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1557"
+NAME="AEN1565"
 >11.2.3.6. hop_limit</A
 ></H4
 ><P
@@ -7676,7 +7702,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1565"
+NAME="AEN1573"
 >11.2.3.7. mtu</A
 ></H4
 ><P
@@ -7699,7 +7725,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1573"
+NAME="AEN1581"
 >11.2.3.8. router_solicitation_delay</A
 ></H4
 ><P
@@ -7722,7 +7748,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1581"
+NAME="AEN1589"
 >11.2.3.9. router_solicitation_interval</A
 ></H4
 ><P
@@ -7745,7 +7771,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1589"
+NAME="AEN1597"
 >11.2.3.10. router_solicitations</A
 ></H4
 ><P
@@ -7769,7 +7795,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1597"
+NAME="AEN1605"
 >11.2.4. neigh/default/*</A
 ></H3
 ><P
@@ -7779,7 +7805,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1600"
+NAME="AEN1608"
 >11.2.4.1. gc_thresh1</A
 ></H4
 ><P
@@ -7802,7 +7828,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1608"
+NAME="AEN1616"
 >11.2.4.2. gc_thresh2</A
 ></H4
 ><P
@@ -7825,7 +7851,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1616"
+NAME="AEN1624"
 >11.2.4.3. gc_thresh3</A
 ></H4
 ><P
@@ -7870,7 +7896,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1627"
+NAME="AEN1635"
 >11.2.4.4. gc_interval</A
 ></H4
 ><P
@@ -7894,7 +7920,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1635"
+NAME="AEN1643"
 >11.2.5. neigh/interface/*</A
 ></H3
 ><P
@@ -7904,7 +7930,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1638"
+NAME="AEN1646"
 >11.2.5.1. anycast_delay</A
 ></H4
 ><P
@@ -7927,7 +7953,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1646"
+NAME="AEN1654"
 >11.2.5.2. gc_stale_time</A
 ></H4
 ><P
@@ -7950,7 +7976,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1654"
+NAME="AEN1662"
 >11.2.5.3. proxy_qlen</A
 ></H4
 ><P
@@ -7973,7 +7999,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1662"
+NAME="AEN1670"
 >11.2.5.4. unres_qlen</A
 ></H4
 ><P
@@ -7996,7 +8022,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1670"
+NAME="AEN1678"
 >11.2.5.5. app_solicit</A
 ></H4
 ><P
@@ -8019,7 +8045,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1678"
+NAME="AEN1686"
 >11.2.5.6. locktime</A
 ></H4
 ><P
@@ -8042,7 +8068,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1686"
+NAME="AEN1694"
 >11.2.5.7. retrans_time</A
 ></H4
 ><P
@@ -8065,7 +8091,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1694"
+NAME="AEN1702"
 >11.2.5.8. base_reachable_time</A
 ></H4
 ><P
@@ -8088,7 +8114,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1702"
+NAME="AEN1710"
 >11.2.5.9. mcast_solicit</A
 ></H4
 ><P
@@ -8111,7 +8137,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1710"
+NAME="AEN1718"
 >11.2.5.10. ucast_solicit</A
 ></H4
 ><P
@@ -8134,7 +8160,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1718"
+NAME="AEN1726"
 >11.2.5.11. delay_first_probe_time</A
 ></H4
 ><P
@@ -8157,7 +8183,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1726"
+NAME="AEN1734"
 >11.2.5.12. proxy_delay</A
 ></H4
 ><P
@@ -8181,7 +8207,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1734"
+NAME="AEN1742"
 >11.2.6. route/*</A
 ></H3
 ><P
@@ -8191,7 +8217,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1737"
+NAME="AEN1745"
 >11.2.6.1. flush</A
 ></H4
 ><P
@@ -8202,7 +8228,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1740"
+NAME="AEN1748"
 >11.2.6.2. gc_interval</A
 ></H4
 ><P
@@ -8225,7 +8251,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1748"
+NAME="AEN1756"
 >11.2.6.3. gc_thresh</A
 ></H4
 ><P
@@ -8248,7 +8274,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1756"
+NAME="AEN1764"
 >11.2.6.4. mtu_expires</A
 ></H4
 ><P
@@ -8271,7 +8297,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1764"
+NAME="AEN1772"
 >11.2.6.5. gc_elasticity</A
 ></H4
 ><P
@@ -8294,7 +8320,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1772"
+NAME="AEN1780"
 >11.2.6.6. gc_min_interval</A
 ></H4
 ><P
@@ -8317,7 +8343,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1780"
+NAME="AEN1788"
 >11.2.6.7. gc_timeout</A
 ></H4
 ><P
@@ -8340,7 +8366,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1788"
+NAME="AEN1796"
 >11.2.6.8. min_adv_mss</A
 ></H4
 ><P
@@ -8363,7 +8389,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1796"
+NAME="AEN1804"
 >11.2.6.9. max_size</A
 ></H4
 ><P
@@ -8398,7 +8424,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1807"
+NAME="AEN1815"
 >11.3.1. ip_*</A
 ></H3
 ><DIV
@@ -8406,7 +8432,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1809"
+NAME="AEN1817"
 >11.3.1.1. ip_local_port_range</A
 ></H4
 ><P
@@ -8418,7 +8444,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1812"
+NAME="AEN1820"
 >11.3.2. tcp_*</A
 ></H3
 ><P
@@ -8429,7 +8455,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1815"
+NAME="AEN1823"
 >11.3.3. icmp_*</A
 ></H3
 ><P
@@ -8440,7 +8466,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1818"
+NAME="AEN1826"
 >11.3.4. Sonstige Einträge</A
 ></H3
 ><P
@@ -8462,7 +8488,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1824"
+NAME="AEN1832"
 >11.4.1. if_inet6</A
 ></H3
 ><P
@@ -8529,7 +8555,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1844"
+NAME="AEN1852"
 >11.4.2. ipv6_route</A
 ></H3
 ><P
@@ -8617,7 +8643,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1872"
+NAME="AEN1880"
 >11.4.3. sockstat6</A
 ></H3
 ><P
@@ -8655,7 +8681,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1879"
+NAME="AEN1887"
 >11.4.4. tcp6</A
 ></H3
 ><P
@@ -8666,7 +8692,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1882"
+NAME="AEN1890"
 >11.4.5. udp6</A
 ></H3
 ><P
@@ -8677,7 +8703,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1885"
+NAME="AEN1893"
 >11.4.6. igmp6</A
 ></H3
 ><P
@@ -8688,7 +8714,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1888"
+NAME="AEN1896"
 >11.4.7. raw6</A
 ></H3
 ><P
@@ -8699,7 +8725,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1891"
+NAME="AEN1899"
 >11.4.8. ip6_flowlabel</A
 ></H3
 ><P
@@ -8710,7 +8736,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1894"
+NAME="AEN1902"
 >11.4.9. rt6_stats</A
 ></H3
 ><P
@@ -8721,7 +8747,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1897"
+NAME="AEN1905"
 >11.4.10. snmp6</A
 ></H3
 ><P
@@ -8740,7 +8766,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1903"
+NAME="AEN1911"
 >11.4.11. ip6_tables_names</A
 ></H3
 ><P
@@ -8796,7 +8822,7 @@ CLASS="SECT1"
 ><H2
 CLASS="SECT1"
 ><A
-NAME="AEN1920"
+NAME="AEN1928"
 >14.1. Server Socket-Anbindung</A
 ></H2
 ><DIV
@@ -8804,7 +8830,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1922"
+NAME="AEN1930"
 >14.1.1. Überprüfung der Server Socket-Anbindung mit “netstat”</A
 ></H3
 ><P
@@ -8914,7 +8940,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1932"
+NAME="AEN1940"
 >14.2.1. Router-Erkennung</A
 ></H3
 ><DIV
@@ -8922,7 +8948,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1934"
+NAME="AEN1942"
 >14.2.1.1. Router Advertisement</A
 ></H4
 ><TABLE
@@ -8953,7 +8979,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1938"
+NAME="AEN1946"
 >14.2.1.2. Router Anfrage</A
 ></H4
 ><TABLE
@@ -8981,7 +9007,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1942"
+NAME="AEN1950"
 >14.2.2. Neighbor-Erkennung</A
 ></H3
 ><DIV
@@ -8989,7 +9015,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1944"
+NAME="AEN1952"
 >14.2.2.1. Neighbor discovery solicitation zur Entdeckung doppelter Adressen</A
 ></H4
 ><P
@@ -9074,7 +9100,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1959"
+NAME="AEN1967"
 >14.2.2.2. Neighbor discovery solicitation zur Host oder Gateway-Suche</A
 ></H4
 ><P
@@ -9144,7 +9170,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN1972"
+NAME="AEN1980"
 >15.1. Red Hat Linux und “Klone”</A
 ></H2
 ><P
@@ -9170,7 +9196,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1980"
+NAME="AEN1988"
 >15.1.1. Test der IPv6-Unterstützung bei Netzwerk-Konfigurations-Scripts</A
 ></H3
 ><P
@@ -9243,7 +9269,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1991"
+NAME="AEN1999"
 >15.1.2. Kurze Anleitung zum aktivieren von IPv6 bei RHL 7.1, 7.2, 7.3, ...</A
 ></H3
 ><P
@@ -9349,7 +9375,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2010"
+NAME="AEN2018"
 >15.2. SuSE Linux</A
 ></H2
 ><P
@@ -9362,7 +9388,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2014"
+NAME="AEN2022"
 >15.2.1. SuSE Linux 7.3</A
 ></H3
 ><P
@@ -9383,7 +9409,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2020"
+NAME="AEN2028"
 >15.2.2. SuSE Linux 8.0</A
 ></H3
 ><DIV
@@ -9391,7 +9417,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2022"
+NAME="AEN2030"
 >15.2.2.1. IPv6-Adress-Konfiguration</A
 ></H4
 ><P
@@ -9417,7 +9443,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2026"
+NAME="AEN2034"
 >15.2.2.2. Zusätzliche information</A
 ></H4
 ><P
@@ -9429,7 +9455,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2029"
+NAME="AEN2037"
 >15.2.3. SuSE Linux 8.1</A
 ></H3
 ><DIV
@@ -9437,7 +9463,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2031"
+NAME="AEN2039"
 >15.2.3.1. IPv6-Adress-Konfiguration</A
 ></H4
 ><P
@@ -9463,7 +9489,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2035"
+NAME="AEN2043"
 >15.2.3.2. Zusätzliche information</A
 ></H4
 ><P
@@ -9542,7 +9568,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2050"
+NAME="AEN2058"
 >15.3.1. Weiterführende Informationen</A
 ></H3
 ><P
@@ -9583,7 +9609,7 @@ CLASS="SECT1"
 ><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2062"
+NAME="AEN2070"
 >16.1. Stateless Auto-Konfiguration (out-of-the-box)</A
 ></H2
 ><P
@@ -9614,7 +9640,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2067"
+NAME="AEN2075"
 >16.2. Stateless Auto-Konfiguration unter Verwendung des Router Advertisement Daemon (radvd)</A
 ></H2
 ><P
@@ -9628,7 +9654,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2071"
+NAME="AEN2079"
 >16.3. Dynamic Host Configuration Protocol v6 (DHCPv6)</A
 ></H2
 ><P
@@ -9654,9 +9680,9 @@ HREF="#HINTS-DAEMONS-DIBBLER"
 ><LI
 ><P
 ><A
-HREF="http://dhcpv6.sourceforge.net/"
+HREF="https://fedorahosted.org/dhcpv6/"
 TARGET="_top"
->DHCPv6 on Sourceforge</A
+>dhcpv6</A
 > (<A
 HREF="#HINTS-DAEMONS-DHCPV6."
 >Tipps zur Konfiguration</A
@@ -9688,7 +9714,7 @@ CLASS="SECT1"
 ><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2090"
+NAME="AEN2098"
 >17.1. Allgemeines</A
 ></H2
 ><DIV
@@ -9696,7 +9722,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2092"
+NAME="AEN2100"
 >17.1.1. Mobilität eines Knotens (Node Mobility)</A
 ></H3
 ><P
@@ -9719,7 +9745,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2099"
+NAME="AEN2107"
 >17.1.2. Netzwerk-Mobililtät</A
 ></H3
 ><P
@@ -9740,7 +9766,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2105"
+NAME="AEN2113"
 >17.1.3. Links</A
 ></H3
 ><P
@@ -9889,13 +9915,17 @@ HREF="#IPV6-SECURITY-AUDITING"
 >Abschnitt 19.3</A
 >.</P
 ><P
->Kernels ab Version 2.6.20 unterstützen den IPv6-Verbindungsstatus (connection tracking) vollständig.</P
+>Kernels ab Version 2.6.20 (Februar 2007) unterstützen den IPv6-Verbindungsstatus (connection tracking) vollständig.</P
+><P
+>Kernels ab Version 3.9.0 (April 2013) unterstützen NAT für IPv6 in Verbindung mit ip6tables &#62;= 1.4.18</P
+><P
+>Kernels ab Version 3.13 (April 2014) unterstützen ein neues Framework namens: nftables</P
 ><DIV
 CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2158"
+NAME="AEN2168"
 >18.1.1. Weitere Informationen</A
 ></H3
 ><P
@@ -9941,7 +9971,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2173"
+NAME="AEN2183"
 >18.2. Vorbereitung</A
 ></H2
 ><P
@@ -9951,7 +9981,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2176"
+NAME="AEN2186"
 >18.2.1. Quellen besorgen</A
 ></H3
 ><P
@@ -9980,7 +10010,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2185"
+NAME="AEN2195"
 >18.2.2. Quellen entpacken</A
 ></H3
 ><P
@@ -10041,7 +10071,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2193"
+NAME="AEN2203"
 >18.2.3. Neueste iptables/IPv6-relevante Patches den Kernel-Quellen hinzufügen</A
 ></H3
 ><P
@@ -10149,7 +10179,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2217"
+NAME="AEN2227"
 >18.2.4. Konfiguration, kompilieren und Installation eines neues Kernels</A
 ></H3
 ><P
@@ -10232,7 +10262,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2227"
+NAME="AEN2237"
 >18.2.5. iptables neu kompilieren und installieren</A
 ></H3
 ><P
@@ -10383,7 +10413,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2251"
+NAME="AEN2261"
 >18.3. Verwendung</A
 ></H2
 ><DIV
@@ -10391,7 +10421,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2253"
+NAME="AEN2263"
 >18.3.1. Unterstützung im Kernel</A
 ></H3
 ><P
@@ -10435,7 +10465,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2259"
+NAME="AEN2269"
 >18.3.2. Die Benützung von iptables lernen</A
 ></H3
 ><DIV
@@ -10443,7 +10473,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2261"
+NAME="AEN2271"
 >18.3.2.1. Auflistung aller netfilter Einträge</A
 ></H4
 ><P
@@ -10498,7 +10528,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2271"
+NAME="AEN2281"
 >18.3.2.2. Auflistung angegebener Filter</A
 ></H4
 ><TABLE
@@ -10522,7 +10552,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2274"
+NAME="AEN2284"
 >18.3.2.3. Hinzufügen einer Log-Regel zum Input-Filter mit Optionen</A
 ></H4
 ><TABLE
@@ -10547,7 +10577,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2277"
+NAME="AEN2287"
 >18.3.2.4. Hinzufügen einer Drop-Regel zum Input-Filter</A
 ></H4
 ><TABLE
@@ -10571,7 +10601,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2280"
+NAME="AEN2290"
 >18.3.2.5. Löschen einer Regel mit Hilfe der Regelnummer</A
 ></H4
 ><TABLE
@@ -10595,7 +10625,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2283"
+NAME="AEN2293"
 >18.3.2.6. Aktiviere die Auswertung des Verbindungsstatus (connection tracking)</A
 ></H4
 ><P
@@ -10621,7 +10651,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2287"
+NAME="AEN2297"
 >18.3.2.7. ICMPv6 erlauben</A
 ></H4
 ><P
@@ -10695,7 +10725,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2300"
+NAME="AEN2310"
 >18.3.2.8. Rate-limiting</A
 ></H4
 ><P
@@ -10722,7 +10752,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2304"
+NAME="AEN2314"
 >18.3.2.9. Eingehende SSH-Verbindung erlauben</A
 ></H4
 ><P
@@ -10781,7 +10811,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2315"
+NAME="AEN2325"
 >18.3.2.10. Getunnelten IPv6-in-IPv4 Datenverkehr erlauben</A
 ></H4
 ><P
@@ -10886,7 +10916,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2335"
+NAME="AEN2345"
 >18.3.2.11. Schutz gegen eingehende TCP-Verbindungs-Anfragen</A
 ></H4
 ><P
@@ -10945,7 +10975,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2347"
+NAME="AEN2357"
 >18.3.2.12. Schutz gegen eingehende UDP-Verbindungs-Anfragen</A
 ></H4
 ><P
@@ -11003,7 +11033,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2358"
+NAME="AEN2368"
 >18.3.3. Anwendungsbeispiele</A
 ></H3
 ><DIV
@@ -11011,7 +11041,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2360"
+NAME="AEN2370"
 >18.3.3.1. Einfaches Beispiel für Fedora</A
 ></H4
 ><P
@@ -11144,7 +11174,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2377"
+NAME="AEN2387"
 >18.3.3.2. Umfangreicheres Beispiel</A
 ></H4
 ><P
@@ -11287,7 +11317,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2384"
+NAME="AEN2394"
 >18.4.1. IPv6 Maskierung</A
 ></H3
 ><P
@@ -11313,7 +11343,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2388"
+NAME="AEN2398"
 >18.4.2. IPv6 Destination NAT</A
 ></H3
 ><P
@@ -11339,7 +11369,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2392"
+NAME="AEN2402"
 >18.4.3. IPv6 Port Weiterleitung</A
 ></H3
 ><P
@@ -11361,6 +11391,263 @@ CLASS="SCREEN"
 ></TABLE
 ></DIV
 ></DIV
+><DIV
+CLASS="SECT1"
+><HR><H2
+CLASS="SECT1"
+><A
+NAME="AEN2406"
+>18.5. Firewall-Setup mit nftables</A
+></H2
+><P
+>Mit nftables wurde die Unterstützung einer Tabelle names “inet” eingeführt in welcher Regeln für IPv4/IPv6 gleichzeitig gelten</P
+><DIV
+CLASS="SECT2"
+><HR><H3
+CLASS="SECT2"
+><A
+NAME="AEN2409"
+>18.5.1. Präparation zur Nutzung von nftables</A
+></H3
+><P
+>Installieren einer Linux-Distribution, welche die Unterstützung für nftables bereits eingebaut hat. Beim Schreiben dieses Absatzes (Mai 2014) war mindestens Fedora Rawhide (Vorläufer der Version 21) mit entsprechendem Support und nftables version 0.2.0 versehen.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><HR><H3
+CLASS="SECT2"
+><A
+NAME="AEN2412"
+>18.5.2. Basis-nftables Konfiguration</A
+></H3
+><P
+>Laden der Kernel-Module</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># modprobe nf_tables
+# modprobe nf_tables_ipv4
+# modprobe nf_tables_ipv6
+# modprobe nf_tables_inet </PRE
+></FONT
+></TD
+></TR
+></TABLE
+><P
+>Erzeugen der Filter-Tabellen</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft add table ip   filter
+# nft add table ip6  filter
+# nft add table inet filter </PRE
+></FONT
+></TD
+></TR
+></TABLE
+><P
+>Erzeugen einer input chain in jeder Filter-Tabelle</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft add chain ip   filter input { type filter hook input priority 1 \; }
+# nft add chain ip6  filter input { type filter hook input priority 1 \; } 
+# nft add chain inet filter input { type filter hook input priority 0 \; }</PRE
+></FONT
+></TD
+></TR
+></TABLE
+></DIV
+><DIV
+CLASS="SECT2"
+><HR><H3
+CLASS="SECT2"
+><A
+NAME="AEN2420"
+>18.5.3. Einfache Filter-Policy mit nftables</A
+></H3
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="AEN2422"
+>18.5.3.1. Konfiguration</A
+></H4
+><P
+>Erlauben von Paketen, die zu existierenden Einträgen in der Connection-Tracking-Tabelle gehören</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft add rule inet filter input ct state established,related counter accept </PRE
+></FONT
+></TD
+></TR
+></TABLE
+><P
+>Erlauben von IPv4 und IPv6 ICMP echo-request (aka ping)</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft add rule ip filter input icmp type { echo-request } counter accept 
+# nft add rule ip6 filter input icmpv6 type echo-request counter accept </PRE
+></FONT
+></TD
+></TR
+></TABLE
+><P
+>Erlauben einiger wichtiger IPv6 ICMP Pakete, ohne Zähler, dafür mit Hop-Limit-Prüfung (erhöht die Sicherheit)</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 1 accept # nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 255 accept</PRE
+></FONT
+></TD
+></TR
+></TABLE
+><P
+>Erlauben von eingehenden SSH-Verbindungen für IPv4 und IPv6 unter Nutzung der IP-Version unabhängigen Tabelle “inet”</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft add rule inet filter input tcp dport 22 ct state new tcp flags \&#38; \(syn \| ack\) == syn counter accept</PRE
+></FONT
+></TD
+></TR
+></TABLE
+></DIV
+><DIV
+CLASS="SECT3"
+><HR><H4
+CLASS="SECT3"
+><A
+NAME="AEN2432"
+>18.5.3.2. Ergebnis</A
+></H4
+><P
+>Tabelle für IPv4 Filter</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft list table ip filter
+table ip filter {
+	chain input {
+		 type filter hook input priority 1;
+		 icmp type { echo-request} counter packets 0 bytes 0 accept
+	}
+}</PRE
+></FONT
+></TD
+></TR
+></TABLE
+><P
+>Tabelle für IPv6 Filter</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft list table ip6 filter
+table ip6 filter {
+	chain input {
+		 type filter hook input priority 1;
+		 icmpv6 type echo-request counter packets 0 bytes 0 accept
+		 ip6 hoplimit 1 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+		 ip6 hoplimit 255 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+	}
+}</PRE
+></FONT
+></TD
+></TR
+></TABLE
+><P
+>Tabelle für IP unabhängigen Filter</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft list table inet filter
+table inet filter {
+	chain input {
+		 type filter hook input priority 0;
+		 ct state established,related counter packets 44 bytes 2288 accept
+		 tcp dport ssh ct state new tcp flags &#38; (syn | ack) == syn counter packets 0 bytes 0 accept
+	}
+} </PRE
+></FONT
+></TD
+></TR
+></TABLE
+></DIV
+></DIV
+></DIV
 ></DIV
 ><DIV
 CLASS="CHAPTER"
@@ -11374,7 +11661,7 @@ CLASS="SECT1"
 ><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2398"
+NAME="AEN2442"
 >19.1. Sicherheit des Knoten</A
 ></H2
 ><P
@@ -11387,7 +11674,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2402"
+NAME="AEN2446"
 >19.2. Zugangsbeschränkungen</A
 ></H2
 ><P
@@ -11417,7 +11704,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2411"
+NAME="AEN2455"
 >19.3.1. Rechtsfragen</A
 ></H3
 ><P
@@ -11429,7 +11716,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2414"
+NAME="AEN2458"
 >19.3.2. Sicherheitsüberwachung mit IPv6 fähigen netcat</A
 ></H3
 ><P
@@ -11460,7 +11747,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2419"
+NAME="AEN2463"
 >19.3.3. Sicherheitsüberwachung mit IPv6 fähigen NMap</A
 ></H3
 ><P
@@ -11499,7 +11786,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2424"
+NAME="AEN2468"
 >19.3.4. Sicherheitsüberprüfung IPv6 fähigen strobe</A
 ></H3
 ><P
@@ -11536,7 +11823,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2430"
+NAME="AEN2474"
 >19.3.5. Sicherheitsüberprüfung mit Online-Werkzeugen</A
 ></H3
 ><P
@@ -11567,7 +11854,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2440"
+NAME="AEN2484"
 >19.3.6. Überprüfungsergebnisse</A
 ></H3
 ><P
@@ -11614,7 +11901,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2455"
+NAME="AEN2499"
 >20.1. Nutzungsarten von Verschlüsselung und Authentifizierung</A
 ></H2
 ><P
@@ -11624,7 +11911,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2458"
+NAME="AEN2502"
 >20.1.1. Transport-Modus</A
 ></H3
 ><P
@@ -11637,7 +11924,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2462"
+NAME="AEN2506"
 >20.1.2. Tunnel-Modus</A
 ></H3
 ><P
@@ -11651,7 +11938,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2466"
+NAME="AEN2510"
 >20.2. Unterstützung im Kernel (ESP und AH)</A
 ></H2
 ><DIV
@@ -11659,7 +11946,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2468"
+NAME="AEN2512"
 >20.2.1. Unterstützung im vanilla Linux Kernel 2.4.x</A
 ></H3
 ><P
@@ -11674,7 +11961,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2472"
+NAME="AEN2516"
 >20.2.2. Unterstützung im vanilla Linux kernel 2.6.x</A
 ></H3
 ><P
@@ -11688,7 +11975,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2476"
+NAME="AEN2520"
 >20.3. Automatischer Schlüssel-Austausch (IKE)</A
 ></H2
 ><P
@@ -11702,7 +11989,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2481"
+NAME="AEN2525"
 >20.3.1. IKE-Daemon “racoon”</A
 ></H3
 ><P
@@ -11716,7 +12003,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2485"
+NAME="AEN2529"
 >20.3.1.1. Manipulation der IPsec SA/SP Datenbank mit dem Werkzeug “setkey”</A
 ></H4
 ><P
@@ -11787,7 +12074,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2498"
+NAME="AEN2542"
 >20.3.1.2. Konfiguration des IKE-Daemon “racoon”</A
 ></H4
 ><P
@@ -11875,7 +12162,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2506"
+NAME="AEN2550"
 >20.3.1.3. IPsec mit IKE-Daemon “racoon” starten</A
 ></H4
 ><P
@@ -11979,7 +12266,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2515"
+NAME="AEN2559"
 >20.3.2. IKE-Daemon “pluto”</A
 ></H3
 ><P
@@ -12003,7 +12290,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2522"
+NAME="AEN2566"
 >20.3.2.1. Konfiguration des IKE-Daemon “pluto”</A
 ></H4
 ><P
@@ -12076,7 +12363,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2530"
+NAME="AEN2574"
 >20.3.2.2. IPsec mit IKE daemon “pluto” starten</A
 ></H4
 ><P
@@ -12167,7 +12454,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2538"
+NAME="AEN2582"
 >20.4. Anmerkungen:</A
 ></H2
 ><P
@@ -12221,7 +12508,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2550"
+NAME="AEN2594"
 >21.1. General</A
 ></H2
 ><P
@@ -12253,7 +12540,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2554"
+NAME="AEN2598"
 >21.2. Linux QoS mit “tc”</A
 ></H2
 ><P
@@ -12267,7 +12554,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2558"
+NAME="AEN2602"
 >21.2.1. Beispiel für eine Warteschlange mit konstanter Bitrate</A
 ></H3
 ><P
@@ -12277,7 +12564,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2561"
+NAME="AEN2605"
 >21.2.1.1. Root qdisc Definition</A
 ></H4
 ><P
@@ -12303,7 +12590,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2565"
+NAME="AEN2609"
 >21.2.1.2. QoS class Definition</A
 ></H4
 ><P
@@ -12380,7 +12667,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2575"
+NAME="AEN2619"
 >21.2.1.3. QoS filter Definition</A
 ></H4
 ><P
@@ -12488,7 +12775,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2594"
+NAME="AEN2638"
 >21.2.1.4. Testen der Filterdefinition mit iperf</A
 ></H4
 ><P
@@ -12562,7 +12849,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2607"
+NAME="AEN2651"
 >22.1.1. Auf IPv6 Adressen hören</A
 ></H3
 ><P
@@ -12576,7 +12863,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2612"
+NAME="AEN2656"
 >22.1.1.1. BIND named konfigurieren, damit er auf IPv6 Adressen antwortet</A
 ></H4
 ><P
@@ -12651,7 +12938,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2621"
+NAME="AEN2665"
 >22.1.1.2. BIND named konfigurieren, damit er auf IPv6 Adressen nicht antwortet</A
 ></H4
 ><P
@@ -12681,7 +12968,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2625"
+NAME="AEN2669"
 >22.1.2. Access Control Lists (ACL) mit IPv6 Unterstützung</A
 ></H3
 ><P
@@ -12747,7 +13034,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2634"
+NAME="AEN2678"
 >22.1.3. Anfragen mit festen IPv6 Adressen senden</A
 ></H3
 ><P
@@ -12773,7 +13060,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2638"
+NAME="AEN2682"
 >22.1.4. Pro Zone definierte feste IPv6 Adressen</A
 ></H3
 ><P
@@ -12783,7 +13070,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2641"
+NAME="AEN2685"
 >22.1.4.1. Transfer source Adresse</A
 ></H4
 ><P
@@ -12809,7 +13096,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2645"
+NAME="AEN2689"
 >22.1.4.2. Notify source Adresse</A
 ></H4
 ><P
@@ -12836,7 +13123,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2649"
+NAME="AEN2693"
 >22.1.5. IPv6 DNS zone files Beispiele</A
 ></H3
 ><P
@@ -12855,7 +13142,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2654"
+NAME="AEN2698"
 >22.1.6. IPv6 bezogene DNS-Daten bereitstellen</A
 ></H3
 ><P
@@ -12913,7 +13200,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2674"
+NAME="AEN2718"
 >22.1.6.1. Aktuell beste Praxis</A
 ></H4
 ><P
@@ -12949,7 +13236,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2687"
+NAME="AEN2731"
 >22.1.7. IPv6 Verbindung überprüfen</A
 ></H3
 ><P
@@ -12959,7 +13246,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2690"
+NAME="AEN2734"
 >22.1.7.1. IPv6 Verbindung durch ACL abgelehnt</A
 ></H4
 ><P
@@ -13012,7 +13299,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2697"
+NAME="AEN2741"
 >22.1.7.2. Erfolgreiche IPv6 Verbindung</A
 ></H4
 ><P
@@ -13129,7 +13416,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2716"
+NAME="AEN2760"
 >22.3.1. Auf IPv6 Adressen hören</A
 ></H3
 ><P
@@ -13139,7 +13426,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2719"
+NAME="AEN2763"
 >22.3.1.1. Virtueller Host mit IPv6 Adresse</A
 ></H4
 ><TABLE
@@ -13167,7 +13454,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2722"
+NAME="AEN2766"
 >22.3.1.2. Virtueller Host mit IPv4 und IPv6 Adresse</A
 ></H4
 ><TABLE
@@ -13218,7 +13505,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2728"
+NAME="AEN2772"
 >22.3.1.3. Zusätzliche Anmerkungen</A
 ></H4
 ><P
@@ -13261,7 +13548,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2743"
+NAME="AEN2787"
 >22.4.1. radvd konfigurieren</A
 ></H3
 ><DIV
@@ -13269,7 +13556,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2745"
+NAME="AEN2789"
 >22.4.1.1. Einfache Konfiguration</A
 ></H4
 ><P
@@ -13327,7 +13614,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2752"
+NAME="AEN2796"
 >22.4.1.2. Spezielle 6to4 Konfiguration</A
 ></H4
 ><P
@@ -13408,7 +13695,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2762"
+NAME="AEN2806"
 >22.4.2. Fehlersuche</A
 ></H3
 ><P
@@ -13471,7 +13758,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2772"
+NAME="AEN2816"
 >22.5.1. Konfiguration des DHCPv6-Servers (dhcp6s)</A
 ></H3
 ><DIV
@@ -13479,7 +13766,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2774"
+NAME="AEN2818"
 >22.5.1.1. Einfache Konfiguration</A
 ></H4
 ><P
@@ -13518,7 +13805,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2778"
+NAME="AEN2822"
 >22.5.2. Konfiguration des DHCPv6-Client (dhcp6s)</A
 ></H3
 ><DIV
@@ -13526,7 +13813,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2780"
+NAME="AEN2824"
 >22.5.2.1. Einfache Konfiguration</A
 ></H4
 ><P
@@ -13556,7 +13843,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2784"
+NAME="AEN2828"
 >22.5.3. Benutzung</A
 ></H3
 ><DIV
@@ -13564,7 +13851,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2786"
+NAME="AEN2830"
 >22.5.3.1. dhcp6s</A
 ></H4
 ><P
@@ -13590,7 +13877,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2790"
+NAME="AEN2834"
 >22.5.3.2. dhcp6c</A
 ></H4
 ><P
@@ -13618,7 +13905,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2794"
+NAME="AEN2838"
 >22.5.4. Fehlersuche</A
 ></H3
 ><DIV
@@ -13626,7 +13913,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2796"
+NAME="AEN2840"
 >22.5.4.1. dhcp6s</A
 ></H4
 ><P
@@ -13652,7 +13939,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2800"
+NAME="AEN2844"
 >22.5.4.2. dhcp6c</A
 ></H4
 ><P
@@ -13719,7 +14006,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2810"
+NAME="AEN2854"
 >22.6.1. Konfiguration des ISC DHCP Server für IPv6 (dhcpd)</A
 ></H3
 ><P
@@ -13729,7 +14016,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2813"
+NAME="AEN2857"
 >22.6.1.1. Einfache Configuration</A
 ></H4
 ><P
@@ -13795,7 +14082,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2819"
+NAME="AEN2863"
 >22.6.2. Benutzung</A
 ></H3
 ><DIV
@@ -13803,7 +14090,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2821"
+NAME="AEN2865"
 >22.6.2.1. dhcpd</A
 ></H4
 ><P
@@ -13850,7 +14137,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2828"
+NAME="AEN2872"
 >22.7.1. Konfiguration des Dibbler DHCP server für IPv6</A
 ></H3
 ><DIV
@@ -13858,7 +14145,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2830"
+NAME="AEN2874"
 >22.7.1.1. Einfache Konfuration</A
 ></H4
 ><P
@@ -13896,7 +14183,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2834"
+NAME="AEN2878"
 >22.7.2. Benutzung</A
 ></H3
 ><DIV
@@ -13904,7 +14191,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2836"
+NAME="AEN2880"
 >22.7.2.1. dibbler-server</A
 ></H4
 ><P
@@ -13965,7 +14252,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2843"
+NAME="AEN2887"
 >22.8.1. Filter-Funktionalität</A
 ></H3
 ><P
@@ -13988,7 +14275,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2851"
+NAME="AEN2895"
 >22.8.2. Welches Programm benützt tcp_wrapper</A
 ></H3
 ><P
@@ -14011,7 +14298,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2859"
+NAME="AEN2903"
 >22.8.3. Anwendung</A
 ></H3
 ><P
@@ -14036,7 +14323,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2863"
+NAME="AEN2907"
 >22.8.3.1. Beispiel für /etc/hosts.allow</A
 ></H4
 ><P
@@ -14065,7 +14352,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2868"
+NAME="AEN2912"
 >22.8.3.2. Beispiel für /etc/hosts.deny</A
 ></H4
 ><P
@@ -14110,7 +14397,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2874"
+NAME="AEN2918"
 >22.8.4. Protokollierung</A
 ></H3
 ><P
@@ -14120,7 +14407,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2877"
+NAME="AEN2921"
 >22.8.4.1. Abgelehnte Verbindung</A
 ></H4
 ><P
@@ -14170,7 +14457,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2883"
+NAME="AEN2927"
 >22.8.4.2. Akzeptierte Verbindung</A
 ></H4
 ><P
@@ -14229,7 +14516,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2891"
+NAME="AEN2935"
 >22.9.1. Auf IPv6-Adressen lauschen</A
 ></H3
 ><P
@@ -14266,7 +14553,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2898"
+NAME="AEN2942"
 >22.10.1. Auf IPv6-Adressen lauschen</A
 ></H3
 ><P
@@ -14333,7 +14620,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2912"
+NAME="AEN2956"
 >23.2. Andere Programmiersprachen</A
 ></H2
 ><DIV
@@ -14341,7 +14628,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2914"
+NAME="AEN2958"
 >23.2.1. JAVA</A
 ></H3
 ><P
@@ -14366,7 +14653,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2921"
+NAME="AEN2965"
 >23.2.2. Perl</A
 ></H3
 ><P
@@ -14430,7 +14717,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2939"
+NAME="AEN2983"
 >25.1.1. Gedruckte Bücher (Englisch)</A
 ></H3
 ><DIV
@@ -14438,7 +14725,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2941"
+NAME="AEN2985"
 >25.1.1.1. Cisco</A
 ></H4
 ><P
@@ -14460,7 +14747,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2948"
+NAME="AEN2992"
 >25.1.1.2. Allgemein</A
 ></H4
 ><P
@@ -14557,7 +14844,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2982"
+NAME="AEN3026"
 >25.1.2. Artikel, eBooks, Online Rezensionen</A
 ></H3
 ><P
@@ -14673,7 +14960,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3020"
+NAME="AEN3064"
 >25.1.4. Sonstiges</A
 ></H3
 ><P
@@ -14699,7 +14986,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3027"
+NAME="AEN3071"
 >25.2.1. 2004</A
 ></H3
 ><P
@@ -14948,7 +15235,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3102"
+NAME="AEN3146"
 >25.3.2. Neueste Nachrichten und URLs zu anderen Dokumenten</A
 ></H3
 ><P
@@ -14977,7 +15264,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3111"
+NAME="AEN3155"
 >25.3.3. Protokoll-Informationen</A
 ></H3
 ><DIV
@@ -14985,7 +15272,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3113"
+NAME="AEN3157"
 >25.3.3.1. IPv6 bezogene Request For Comments (RFCs)</A
 ></H4
 ><P
@@ -15020,7 +15307,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3124"
+NAME="AEN3168"
 >25.3.3.2. Aktuelle Entwürfe diverser Arbeitsgruppen</A
 ></H4
 ><P
@@ -15091,7 +15378,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3149"
+NAME="AEN3193"
 >25.3.3.3. Sonstige</A
 ></H4
 ><P
@@ -15113,7 +15400,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3155"
+NAME="AEN3199"
 >25.3.4. Weitere Informationen</A
 ></H3
 ><P
@@ -15127,7 +15414,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3159"
+NAME="AEN3203"
 >25.3.4.1. Linux Informationen</A
 ></H4
 ><P
@@ -15212,7 +15499,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3187"
+NAME="AEN3231"
 >25.3.4.2. Informationen zu Linux-Distributionen</A
 ></H4
 ><P
@@ -15302,7 +15589,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3224"
+NAME="AEN3268"
 >25.3.4.3. Allgemeine Informationen</A
 ></H4
 ><P
@@ -15482,22 +15769,18 @@ NAME="INFORMATION-MARKETRESEARCH"
 ><LI
 ><P
 ><A
-HREF="http://www.seminarinformation.com/wconnect/wc.dll?sis~details0~307~TSN"
+HREF="http://www.statista.com/search/internet+america/"
 TARGET="_top"
->A Tale of Two Wireless Technology Trends: Processor Development Outsourcing and IPv6</A
->Yankee Group - 4/1/2002 - 12 Seiten - ID: YANL768881</P
+>statista - The Statistics Portal</A
+></P
 ></LI
 ><LI
 ><P
 ><A
-HREF="http://www.marketresearch.com/product/display.asp?SID=88602378-241489274-186851952&#38;ProductID=803907"
+HREF="http://www.marketresearch.com/"
 TARGET="_top"
->The World Atlas of the Internet: Americas</A
->; IDATE - 2/1/2002 - 242 Seiten - ID: IDT803907. Folgende Länder werden behandelt: Zentralamerika, Nordamerika,Südamerika; Listenpreis: $ 3,500.00; Exzerpt: Panorama of Internet access markets across the globe. Market assessment and forecasts up to 2006 for 34 countries: market structure: main ISPs and market shares; number of subscribers, of ISPs.</P
-></LI
-><LI
-><P
->Early Interest Rising for IPv6 von IDC (Autor); Listenpreis:   $1,500.00; Edition: e-book (Acrobat Reader); Hrsg.: IDC; ISBN B000065T8E; (1. March 2002) </P
+>Market Research</A
+></P
 ></LI
 ></UL
 ></DIV
@@ -15538,7 +15821,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3305"
+NAME="AEN3347"
 >25.3.5. Sortiert nach Ländern</A
 ></H3
 ><DIV
@@ -15546,7 +15829,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3307"
+NAME="AEN3349"
 >25.3.5.1. Europa</A
 ></H4
 ><P
@@ -15575,7 +15858,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3316"
+NAME="AEN3358"
 >25.3.5.2. Australien</A
 ></H4
 ><P
@@ -15596,7 +15879,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3322"
+NAME="AEN3364"
 >25.3.5.3. Belgien</A
 ></H4
 ><P
@@ -15607,7 +15890,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3325"
+NAME="AEN3367"
 >25.3.5.4. Brasilien</A
 ></H4
 ><P
@@ -15628,7 +15911,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3331"
+NAME="AEN3373"
 >25.3.5.5. China</A
 ></H4
 ><P
@@ -15639,7 +15922,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3334"
+NAME="AEN3376"
 >25.3.5.6. Deutschland</A
 ></H4
 ><P
@@ -15660,7 +15943,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3340"
+NAME="AEN3382"
 >25.3.5.7. Frankreich</A
 ></H4
 ><P
@@ -15697,7 +15980,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3352"
+NAME="AEN3394"
 >25.3.5.8. Großbritannien</A
 ></H4
 ><P
@@ -15718,7 +16001,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3358"
+NAME="AEN3400"
 >25.3.5.9. Indien</A
 ></H4
 ><P
@@ -15729,7 +16012,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3361"
+NAME="AEN3403"
 >25.3.5.10. Italien</A
 ></H4
 ><P
@@ -15750,7 +16033,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3367"
+NAME="AEN3409"
 >25.3.5.11. Japan</A
 ></H4
 ><P
@@ -15771,7 +16054,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3373"
+NAME="AEN3415"
 >25.3.5.12. Korea</A
 ></H4
 ><P
@@ -15800,7 +16083,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3382"
+NAME="AEN3424"
 >25.3.5.13. Mexiko</A
 ></H4
 ><P
@@ -15821,7 +16104,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3388"
+NAME="AEN3430"
 >25.3.5.14. Niederlande</A
 ></H4
 ><P
@@ -15862,7 +16145,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3401"
+NAME="AEN3443"
 >25.3.5.15. Österreich</A
 ></H4
 ><P
@@ -15883,7 +16166,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3407"
+NAME="AEN3449"
 >25.3.5.16. Portugal</A
 ></H4
 ><P
@@ -15894,7 +16177,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3410"
+NAME="AEN3452"
 >25.3.5.17. Russland</A
 ></H4
 ><P
@@ -15915,7 +16198,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3416"
+NAME="AEN3458"
 >25.3.5.18. Schweiz</A
 ></H4
 ><P
@@ -15927,7 +16210,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3419"
+NAME="AEN3461"
 >25.3.6. Sortiert nach Betriebssystemen</A
 ></H3
 ><DIV
@@ -15935,7 +16218,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3421"
+NAME="AEN3463"
 >25.3.6.1. *BSD</A
 ></H4
 ><P
@@ -15972,7 +16255,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3433"
+NAME="AEN3475"
 >25.3.6.2. Cisco IOS</A
 ></H4
 ><P
@@ -16009,7 +16292,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3445"
+NAME="AEN3487"
 >25.3.6.3. HPUX</A
 ></H4
 ><P
@@ -16030,7 +16313,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3451"
+NAME="AEN3493"
 >25.3.6.4. IBM</A
 ></H4
 ><P
@@ -16051,7 +16334,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3457"
+NAME="AEN3499"
 >25.3.6.5. Microsoft</A
 ></H4
 ><P
@@ -16128,7 +16411,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3484"
+NAME="AEN3526"
 >25.3.6.6. Solaris</A
 ></H4
 ><P
@@ -16157,7 +16440,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3493"
+NAME="AEN3535"
 >25.3.6.7. Sumitoma</A
 ></H4
 ><P
@@ -16178,7 +16461,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3499"
+NAME="AEN3541"
 >25.3.6.8. ZebOS</A
 ></H4
 ><P
@@ -16245,7 +16528,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3520"
+NAME="AEN3562"
 >25.3.8. Programm-Listen</A
 ></H3
 ><P
@@ -16293,7 +16576,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3536"
+NAME="AEN3578"
 >25.3.8.1. Analyse-Werkzeuge</A
 ></H4
 ><P
@@ -16324,7 +16607,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3546"
+NAME="AEN3588"
 >25.3.8.2. IPv6 Produkte</A
 ></H4
 ><P
@@ -16424,7 +16707,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN3579"
+NAME="AEN3621"
 >25.4. IPv6 Infrastruktur</A
 ></H2
 ><DIV
@@ -16432,7 +16715,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3581"
+NAME="AEN3623"
 >25.4.1. Statistiken</A
 ></H3
 ><P
@@ -16465,7 +16748,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3591"
+NAME="AEN3633"
 >25.4.2. Internet Exchanges</A
 ></H3
 ><P
@@ -17101,7 +17384,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3772"
+NAME="AEN3814"
 >25.4.4.4. Radiosender, Musik-Streams</A
 ></H4
 ><P
@@ -17163,7 +17446,7 @@ CLASS="INFORMALTABLE"
 ><P
 ></P
 ><A
-NAME="AEN3791"
+NAME="AEN3833"
 ></A
 ><TABLE
 BORDER="1"
@@ -17568,7 +17851,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3907"
+NAME="AEN3949"
 >25.6.1. Test-Werkzeuge</A
 ></H3
 ><P
@@ -17605,7 +17888,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3919"
+NAME="AEN3961"
 >25.6.2. Informationsbeschaffung</A
 ></H3
 ><P
@@ -17626,7 +17909,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3925"
+NAME="AEN3967"
 >25.6.3. IPv6 Looking Glasses</A
 ></H3
 ><P
@@ -17647,7 +17930,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3931"
+NAME="AEN3973"
 >25.6.4. Hilfsapplikationen</A
 ></H3
 ><P
@@ -17741,7 +18024,7 @@ NAME="INFORMATION-ONLINEDISCOVERY"
 CLASS="CHAPTER"
 ><HR><H1
 ><A
-NAME="AEN3962"
+NAME="AEN4004"
 ></A
 >Kapitel 26. Versions-Überblick / Danksagung / Zum Schluss</H1
 ><DIV
@@ -17761,7 +18044,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3968"
+NAME="AEN4010"
 >26.1.1. Ausgabe 0.x</A
 ></H3
 ><DIV
@@ -17769,7 +18052,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3970"
+NAME="AEN4012"
 >26.1.1.1. Englische Sprachversion (Peter Bieringer's Original)</A
 ></H4
 ><P
@@ -17784,7 +18067,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3974"
+NAME="AEN4016"
 >26.1.1.2. Deutsche Sprachversion</A
 ></H4
 ><P
@@ -18112,7 +18395,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN4171"
+NAME="AEN4213"
 >26.2.2. Sonstiger Dank...</A
 ></H3
 ><DIV
@@ -18120,7 +18403,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN4173"
+NAME="AEN4215"
 >26.2.2.1. Verwaltung des Dokuments</A
 ></H4
 ><P
@@ -18177,7 +18460,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN4191"
+NAME="AEN4233"
 >26.3. Zum Schluss</A
 ></H2
 ><P
diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.lyx b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.lyx
index c8ddac66..ff9ee865 100644
--- a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.lyx
+++ b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.lyx
@@ -1,5 +1,5 @@
-#LyX 2.0 created this file. For more info see http://www.lyx.org/
-\lyxformat 413
+#LyX 2.1 created this file. For more info see http://www.lyx.org/
+\lyxformat 474
 \begin_document
 \begin_header
 \textclass docbook-book
@@ -16,13 +16,13 @@
 \font_roman default
 \font_sans default
 \font_typewriter default
+\font_math auto
 \font_default_family default
 \use_non_tex_fonts false
 \font_sc false
 \font_osf false
 \font_sf_scale 100
 \font_tt_scale 100
-
 \graphics default
 \default_output_format default
 \output_sync 0
@@ -33,15 +33,24 @@
 \use_hyperref false
 \papersize default
 \use_geometry false
-\use_amsmath 1
-\use_esint 0
-\use_mhchem 1
-\use_mathdots 1
+\use_package amsmath 1
+\use_package amssymb 1
+\use_package cancel 0
+\use_package esint 0
+\use_package mathdots 1
+\use_package mathtools 0
+\use_package mhchem 1
+\use_package stackrel 0
+\use_package stmaryrd 0
+\use_package undertilde 0
 \cite_engine basic
+\cite_engine_type default
+\biblio_style plain
 \use_bibtopic false
 \use_indices false
 \paperorientation portrait
 \suppress_date false
+\justification true
 \use_refstyle 0
 \index Stichwortverzeichnis
 \shortcut idx
@@ -107,7 +116,7 @@ status open
 
 \begin_layout Plain Layout
 
-<revision> <revnumber>0.66wip.de.1</revnumber> <date>2013-11-12</date> <authoriniti
+<revision> <revnumber>0.66wip.de.1</revnumber> <date>2014-05-02</date> <authoriniti
 als>PB</authorinitials></revision>
 \end_layout
 
@@ -247,7 +256,7 @@ Copyright
 \end_layout
 
 \begin_layout Standard
-Verfasst von und urheberrechtlich geschützt durch Peter Bieringer © 2001-2013.
+Verfasst von und urheberrechtlich geschützt durch Peter Bieringer © 2001-2014.
 \begin_inset Newline newline
 \end_inset
 
@@ -260,7 +269,7 @@ Deutsche Übersetzung:
 
 \begin_layout Standard
 Verfasst von und urheberrechtlich geschützt durch Georg Käfer © 2002-2003,
- weitergeführt von Peter Bieringer © 2004-2013.
+ weitergeführt von Peter Bieringer © 2004-2014.
 \end_layout
 
 \begin_layout Subsection
@@ -290,7 +299,7 @@ Dieses Linux IPv6 HOWTO ist ein Handbuch zur Anwendung und Konfiguration
 \end_layout
 
 \begin_layout Standard
-Copyright © 2001-2013 Peter Bieringer
+Copyright © 2001-2014 Peter Bieringer
 \begin_inset Newline newline
 \end_inset
 
@@ -10980,8 +10989,22 @@ reference "IPv6-security-auditing"
 \begin_layout Standard
 
 \lang english
-Kernels ab Version 2.6.20 unterstützen den IPv6-Verbindungsstatus (connection
- tracking) vollständig.
+Kernels ab Version 2.6.20 (Februar 2007) unterstützen den IPv6-Verbindungsstatus
+ (connection tracking) vollständig.
+\end_layout
+
+\begin_layout Standard
+
+\lang english
+Kernels ab Version 3.9.0 (April 2013) unterstützen NAT für IPv6 in Verbindung
+ mit ip6tables >= 1.4.18
+\end_layout
+
+\begin_layout Standard
+
+\lang english
+Kernels ab Version 3.13 (April 2014) unterstützen ein neues Framework namens:
+ nftables
 \end_layout
 
 \begin_layout Subsection
@@ -12707,6 +12730,355 @@ Ein dedizierter Port kann zu einem internen System weitergeleitet werden,
 nation [fec0::1234]:80
 \end_layout
 
+\begin_layout Section
+
+\lang english
+Firewall-Setup mit nftables
+\end_layout
+
+\begin_layout Standard
+
+\lang english
+Mit nftables wurde die Unterstützung einer Tabelle names 
+\begin_inset Quotes sld
+\end_inset
+
+inet
+\begin_inset Quotes srd
+\end_inset
+
+ eingeführt in welcher Regeln für IPv4/IPv6 gleichzeitig gelten
+\end_layout
+
+\begin_layout Subsection
+
+\lang english
+Präparation zur Nutzung von nftables
+\end_layout
+
+\begin_layout Standard
+
+\lang english
+Installieren einer Linux-Distribution, welche die Unterstützung für nftables
+ bereits eingebaut hat.
+ Beim Schreiben dieses Absatzes (Mai 2014) war mindestens Fedora Rawhide
+ (Vorläufer der Version 21) mit entsprechendem Support und nftables version
+ 0.2.0 versehen.
+\end_layout
+
+\begin_layout Subsection
+
+\lang english
+Basis-nftables Konfiguration
+\end_layout
+
+\begin_layout Standard
+
+\lang english
+Laden der Kernel-Module
+\end_layout
+
+\begin_layout Code
+
+# modprobe nf_tables
+\end_layout
+
+\begin_layout Code
+
+# modprobe nf_tables_ipv4
+\end_layout
+
+\begin_layout Code
+
+# modprobe nf_tables_ipv6
+\end_layout
+
+\begin_layout Code
+
+# modprobe nf_tables_inet 
+\end_layout
+
+\begin_layout Standard
+
+\lang english
+Erzeugen der Filter-Tabellen
+\end_layout
+
+\begin_layout Code
+
+# nft add table ip   filter
+\end_layout
+
+\begin_layout Code
+
+# nft add table ip6  filter
+\end_layout
+
+\begin_layout Code
+
+# nft add table inet filter 
+\end_layout
+
+\begin_layout Standard
+
+\lang english
+Erzeugen einer input chain in jeder Filter-Tabelle
+\end_layout
+
+\begin_layout Code
+
+# nft add chain ip   filter input { type filter hook input priority 1 
+\backslash
+; }
+\end_layout
+
+\begin_layout Code
+
+# nft add chain ip6  filter input { type filter hook input priority 1 
+\backslash
+; } 
+\end_layout
+
+\begin_layout Code
+
+# nft add chain inet filter input { type filter hook input priority 0 
+\backslash
+; }
+\end_layout
+
+\begin_layout Subsection
+
+\lang english
+Einfache Filter-Policy mit nftables
+\end_layout
+
+\begin_layout Subsubsection
+
+\lang english
+Konfiguration
+\end_layout
+
+\begin_layout Standard
+
+\lang english
+Erlauben von Paketen, die zu existierenden Einträgen in der Connection-Tracking-
+Tabelle gehören
+\end_layout
+
+\begin_layout Code
+
+# nft add rule inet filter input ct state established,related counter accept
+ 
+\end_layout
+
+\begin_layout Standard
+
+\lang english
+Erlauben von IPv4 und IPv6 ICMP echo-request (aka ping)
+\end_layout
+
+\begin_layout Code
+
+# nft add rule ip filter input icmp type { echo-request } counter accept
+ 
+\end_layout
+
+\begin_layout Code
+
+# nft add rule ip6 filter input icmpv6 type echo-request counter accept
+ 
+\end_layout
+
+\begin_layout Standard
+
+\lang english
+Erlauben einiger wichtiger IPv6 ICMP Pakete, ohne Zähler, dafür mit Hop-Limit-Pr
+üfung (erhöht die Sicherheit)
+\end_layout
+
+\begin_layout Code
+
+# nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-adv
+ert, nd-neighbor-advert } ip6 hoplimit 1 accept # nft add rule ip6 filter
+ input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert
+ } ip6 hoplimit 255 accept
+\end_layout
+
+\begin_layout Standard
+
+\lang english
+Erlauben von eingehenden SSH-Verbindungen für IPv4 und IPv6 unter Nutzung
+ der IP-Version unabhängigen Tabelle 
+\begin_inset Quotes sld
+\end_inset
+
+inet
+\begin_inset Quotes srd
+\end_inset
+
+
+\end_layout
+
+\begin_layout Code
+
+# nft add rule inet filter input tcp dport 22 ct state new tcp flags 
+\backslash
+& 
+\backslash
+(syn 
+\backslash
+| ack
+\backslash
+) == syn counter accept
+\end_layout
+
+\begin_layout Subsubsection
+
+\lang english
+Ergebnis
+\end_layout
+
+\begin_layout Standard
+
+\lang english
+Tabelle für IPv4 Filter
+\end_layout
+
+\begin_layout Code
+
+# nft list table ip filter
+\end_layout
+
+\begin_layout Code
+
+table ip filter {
+\end_layout
+
+\begin_layout Code
+
+	chain input {
+\end_layout
+
+\begin_layout Code
+
+		 type filter hook input priority 1;
+\end_layout
+
+\begin_layout Code
+
+		 icmp type { echo-request} counter packets 0 bytes 0 accept
+\end_layout
+
+\begin_layout Code
+
+	}
+\end_layout
+
+\begin_layout Code
+
+}
+\end_layout
+
+\begin_layout Standard
+
+\lang english
+Tabelle für IPv6 Filter
+\end_layout
+
+\begin_layout Code
+
+# nft list table ip6 filter
+\end_layout
+
+\begin_layout Code
+
+table ip6 filter {
+\end_layout
+
+\begin_layout Code
+
+	chain input {
+\end_layout
+
+\begin_layout Code
+
+		 type filter hook input priority 1;
+\end_layout
+
+\begin_layout Code
+
+		 icmpv6 type echo-request counter packets 0 bytes 0 accept
+\end_layout
+
+\begin_layout Code
+
+		 ip6 hoplimit 1 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit,
+ nd-router-advert} accept
+\end_layout
+
+\begin_layout Code
+
+		 ip6 hoplimit 255 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit,
+ nd-router-advert} accept
+\end_layout
+
+\begin_layout Code
+
+	}
+\end_layout
+
+\begin_layout Code
+
+}
+\end_layout
+
+\begin_layout Standard
+
+\lang english
+Tabelle für IP unabhängigen Filter
+\end_layout
+
+\begin_layout Code
+
+# nft list table inet filter
+\end_layout
+
+\begin_layout Code
+
+table inet filter {
+\end_layout
+
+\begin_layout Code
+
+	chain input {
+\end_layout
+
+\begin_layout Code
+
+		 type filter hook input priority 0;
+\end_layout
+
+\begin_layout Code
+
+		 ct state established,related counter packets 44 bytes 2288 accept
+\end_layout
+
+\begin_layout Code
+
+		 tcp dport ssh ct state new tcp flags & (syn | ack) == syn counter packets
+ 0 bytes 0 accept
+\end_layout
+
+\begin_layout Code
+
+	}
+\end_layout
+
+\begin_layout Code
+
+} 
+\end_layout
+
 \begin_layout Chapter
 \begin_inset CommandInset label
 LatexCommand label
@@ -20858,7 +21230,7 @@ Die größten Mailinglisten sind in folgender Tabelle zusammengefasst:
 \begin_layout Standard
 \begin_inset Tabular
 <lyxtabular version="3" rows="8" columns="6">
-<features rotate="true" tabularvalignment="middle">
+<features rotate="90" tabularvalignment="middle">
 <column alignment="center" valignment="top" width="0pt">
 <column alignment="center" valignment="top" width="0pt">
 <column alignment="center" valignment="top" width="0pt">
diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.pdf b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.pdf
index c5a52258..c3317d3b 100644
Binary files a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.pdf and b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.pdf differ
diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.sgml b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.sgml
index e703b660..442f6407 100644
--- a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.sgml
+++ b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.sgml
@@ -7,14 +7,14 @@
 <!ENTITY % output.print.bmp "IGNORE">
  ]>
 
-<!-- SGML file was created by LyX 2.0.6
+<!-- SGML file was created by LyX 2.1.0
   See http://www.lyx.org/ for more information -->
 <book lang="de">
 <bookinfo>
 <title>Linux IPv6 HOWTO (de)</title>
 <author><firstname>Peter</firstname><surname>Bieringer</surname><affiliation><address>pb at bieringer dot de</address></affiliation></author>
 <revhistory> 
-<revision> <revnumber>0.66wip.de.1</revnumber> <date>2013-11-12</date> <authorinitials>PB</authorinitials></revision>
+<revision> <revnumber>0.66wip.de.1</revnumber> <date>2014-05-02</date> <authorinitials>PB</authorinitials></revision>
 <revision> <revnumber>0.65.de.1</revnumber> <date>2009-12-13</date> <authorinitials>PB</authorinitials></revision>
 <revision> <revnumber>0.64.de.1</revnumber> <date>2009-06-11</date> <authorinitials>PB</authorinitials></revision>
 <revision> <revnumber>0.61.de.1</revnumber> <date>2007-10-06</date> <authorinitials>PB</authorinitials></revision>
@@ -26,16 +26,16 @@
 <title><!-- anchor id="general-copright" -->Copyright, Lizenz und anderes</title>
 <sect2>
 <title>Copyright</title>
-<para>Verfasst von und urheberrechtlich geschützt durch Peter Bieringer © 2001-2013.
+<para>Verfasst von und urheberrechtlich geschützt durch Peter Bieringer © 2001-2014.
 </para>
 <para>Deutsche Übersetzung:</para>
-<para>Verfasst von und urheberrechtlich geschützt durch Georg Käfer © 2002-2003, weitergeführt von Peter Bieringer © 2004-2013.</para></sect2><sect2>
+<para>Verfasst von und urheberrechtlich geschützt durch Georg Käfer © 2002-2003, weitergeführt von Peter Bieringer © 2004-2014.</para></sect2><sect2>
 <title>Lizenz</title>
 <para>Dieses Linux IPv6 HOWTO wird unter der GNU GPL Version 2 herausgegeben:
 </para>
 <para>Dieses Linux IPv6 HOWTO ist ein Handbuch zur Anwendung und Konfiguration von IPv6 auf Linux-Systemen. 
 </para>
-<para>Copyright © 2001-2013 Peter Bieringer
+<para>Copyright © 2001-2014 Peter Bieringer
 Deutsche Übersetzung Copyright © 2002-2003 Georg Käfer, weitergeführt von Peter Bieringer © 2004-2013.
 </para>
 <para>Diese Dokumentation ist freie Software; Sie können diese unter den Bedingungen der GNU General Public License, wie von der Free Software Foundation publiziert, entweder unter Version 2 oder optional jede höhere Version redistribuieren und/oder modifizieren.</para>
@@ -1624,7 +1624,9 @@ In Version 8.x wurde das Konfigurations-Setup bei SuSE komplett abgeändert.</pa
 <para>Von Haus aus unterstützt wird die IPv6-Firewall-Funktionalität im Kernel erst ab Version 2.4+. In älteren 2.2+ Versionen können sie nur mit Protocol 41 das generelle Tunnel von IPv6-in-IPv4-Paketen filtern.</para>
 <para>Achtung: Es gibt keine Garantie, dass die beschriebenen Regeln und Beispiele ihr System auch wirklich schützen können!</para>
 <para>Beobachten Sie nach der Installation ihr Regelset, siehe Abschnitt <xref linkend="IPv6-security-auditing">.</para>
-<para>Kernels ab Version 2.6.20 unterstützen den IPv6-Verbindungsstatus (connection tracking) vollständig.</para><sect2>
+<para>Kernels ab Version 2.6.20 (Februar 2007) unterstützen den IPv6-Verbindungsstatus (connection tracking) vollständig.</para>
+<para>Kernels ab Version 3.9.0 (April 2013) unterstützen NAT für IPv6 in Verbindung mit ip6tables &gt;= 1.4.18</para>
+<para>Kernels ab Version 3.13 (April 2014) unterstützen ein neues Framework namens: nftables</para><sect2>
 <title>Weitere Informationen</title>
 <itemizedlist>
 <listitem><para><ulink url="http://www.netfilter.org/">Netfilter project</ulink></para></listitem><listitem><para><ulink url="https://lists.netfilter.org/mailman/listinfo/netfilter">maillist archive of netfilter users</ulink></para></listitem><listitem><para><ulink url="https://lists.netfilter.org/mailman/listinfo/netfilter-devel">maillist archive of netfilter developers</ulink></para></listitem><listitem><para><ulink url="http://www.bieringer.de/linux/IPv6/status/IPv6+Linux-status-kernel.html#netfilter6 ">Unofficial status informations</ulink></para></listitem></itemizedlist></sect2></sect1><sect1>
@@ -1972,7 +1974,68 @@ Chain intOUT (1 references)
 <title>IPv6 Port Weiterleitung</title>
 <para>Ein dedizierter Port kann zu einem internen System weitergeleitet werden, z.B.</para><screen>
 <![CDATA[# ip6tables -t nat -A PREROUTING -i sixxs -p tcp --dport 8080 -j DNAT --to-destination [fec0::1234]:80
-]]></screen></sect2></sect1></chapter><chapter id='chapter-security' >
+]]></screen></sect2></sect1><sect1>
+<title>Firewall-Setup mit nftables</title>
+<para>Mit nftables wurde die Unterstützung einer Tabelle names &ldquo;inet&rdquo; eingeführt in welcher Regeln für IPv4/IPv6 gleichzeitig gelten</para><sect2>
+<title>Präparation zur Nutzung von nftables</title>
+<para>Installieren einer Linux-Distribution, welche die Unterstützung für nftables bereits eingebaut hat. Beim Schreiben dieses Absatzes (Mai 2014) war mindestens Fedora Rawhide (Vorläufer der Version 21) mit entsprechendem Support und nftables version 0.2.0 versehen.</para></sect2><sect2>
+<title>Basis-nftables Konfiguration</title>
+<para>Laden der Kernel-Module</para><screen>
+<![CDATA[# modprobe nf_tables
+# modprobe nf_tables_ipv4
+# modprobe nf_tables_ipv6
+# modprobe nf_tables_inet 
+]]></screen><para>Erzeugen der Filter-Tabellen</para><screen>
+<![CDATA[# nft add table ip   filter
+# nft add table ip6  filter
+# nft add table inet filter 
+]]></screen><para>Erzeugen einer input chain in jeder Filter-Tabelle</para><screen>
+<![CDATA[# nft add chain ip   filter input { type filter hook input priority 1 \; }
+# nft add chain ip6  filter input { type filter hook input priority 1 \; } 
+# nft add chain inet filter input { type filter hook input priority 0 \; }
+]]></screen></sect2><sect2>
+<title>Einfache Filter-Policy mit nftables</title>
+<sect3>
+<title>Konfiguration</title>
+<para>Erlauben von Paketen, die zu existierenden Einträgen in der Connection-Tracking-Tabelle gehören</para><screen>
+<![CDATA[# nft add rule inet filter input ct state established,related counter accept 
+]]></screen><para>Erlauben von IPv4 und IPv6 ICMP echo-request (aka ping)</para><screen>
+<![CDATA[# nft add rule ip filter input icmp type { echo-request } counter accept 
+# nft add rule ip6 filter input icmpv6 type echo-request counter accept 
+]]></screen><para>Erlauben einiger wichtiger IPv6 ICMP Pakete, ohne Zähler, dafür mit Hop-Limit-Prüfung (erhöht die Sicherheit)</para><screen>
+<![CDATA[# nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 1 accept # nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 255 accept
+]]></screen><para>Erlauben von eingehenden SSH-Verbindungen für IPv4 und IPv6 unter Nutzung der IP-Version unabhängigen Tabelle &ldquo;inet&rdquo;</para><screen>
+<![CDATA[# nft add rule inet filter input tcp dport 22 ct state new tcp flags \& \(syn \| ack\) == syn counter accept
+]]></screen></sect3><sect3>
+<title>Ergebnis</title>
+<para>Tabelle für IPv4 Filter</para><screen>
+<![CDATA[# nft list table ip filter
+table ip filter {
+	chain input {
+		 type filter hook input priority 1;
+		 icmp type { echo-request} counter packets 0 bytes 0 accept
+	}
+}
+]]></screen><para>Tabelle für IPv6 Filter</para><screen>
+<![CDATA[# nft list table ip6 filter
+table ip6 filter {
+	chain input {
+		 type filter hook input priority 1;
+		 icmpv6 type echo-request counter packets 0 bytes 0 accept
+		 ip6 hoplimit 1 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+		 ip6 hoplimit 255 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+	}
+}
+]]></screen><para>Tabelle für IP unabhängigen Filter</para><screen>
+<![CDATA[# nft list table inet filter
+table inet filter {
+	chain input {
+		 type filter hook input priority 0;
+		 ct state established,related counter packets 44 bytes 2288 accept
+		 tcp dport ssh ct state new tcp flags & (syn | ack) == syn counter packets 0 bytes 0 accept
+	}
+} 
+]]></screen></sect3></sect2></sect1></chapter><chapter id='chapter-security' >
 <title><!-- anchor id="chapter-security" -->Sicherheit</title>
 <sect1>
 <title>Sicherheit des Knoten</title>
diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.html b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.html
index 8da91c19..2485dfef 100644
--- a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.html
+++ b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.html
@@ -4,8 +4,6 @@
 ><TITLE
 >Linux IPv6 HOWTO (en)</TITLE
 ><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"
-><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"
-><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"
 ><META
 NAME="GENERATOR"
 CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
@@ -64,7 +62,7 @@ ALIGN="LEFT"
 >Revision 0.66wip</TD
 ><TD
 ALIGN="LEFT"
->2013-05-13</TD
+>2014-05-02</TD
 ><TD
 ALIGN="LEFT"
 >Revised by: PB</TD
@@ -444,7 +442,7 @@ HREF="#AEN1214"
 ></DT
 ><DT
 >9.2. <A
-HREF="#AEN1291"
+HREF="#AEN1299"
 >Displaying existing tunnels</A
 ></DT
 ><DT
@@ -468,17 +466,17 @@ HREF="#CHAPTER-CONFIGURING-IPV4-IN-IPV6-TUNNELS"
 ><DL
 ><DT
 >10.1. <A
-HREF="#AEN1415"
+HREF="#AEN1423"
 >Displaying existing tunnels</A
 ></DT
 ><DT
 >10.2. <A
-HREF="#AEN1422"
+HREF="#AEN1430"
 >Setup of point-to-point tunnel</A
 ></DT
 ><DT
 >10.3. <A
-HREF="#AEN1428"
+HREF="#AEN1436"
 >Removing point-to-point tunnels</A
 ></DT
 ></DL
@@ -492,7 +490,7 @@ HREF="#CHAPTER-KERNEL-SETTINGS"
 ><DL
 ><DT
 >11.1. <A
-HREF="#AEN1437"
+HREF="#AEN1445"
 >How to access the /proc-filesystem</A
 ></DT
 ><DT
@@ -531,7 +529,7 @@ HREF="#NETWORK-DEBUGGING"
 ><DL
 ><DT
 >14.1. <A
-HREF="#AEN1945"
+HREF="#AEN1953"
 >Server socket binding</A
 ></DT
 ><DT
@@ -550,12 +548,12 @@ HREF="#CHAPTER-SUPPORT-PERSISTENT-CONFIGURATION"
 ><DL
 ><DT
 >15.1. <A
-HREF="#AEN1997"
+HREF="#AEN2005"
 >Red Hat Linux and “clones”</A
 ></DT
 ><DT
 >15.2. <A
-HREF="#AEN2036"
+HREF="#AEN2044"
 >SuSE Linux</A
 ></DT
 ><DT
@@ -574,17 +572,17 @@ HREF="#CHAPTER-AUTOCONFIGURATION"
 ><DL
 ><DT
 >16.1. <A
-HREF="#AEN2088"
+HREF="#AEN2096"
 >Stateless auto-configuration out-of-the-box</A
 ></DT
 ><DT
 >16.2. <A
-HREF="#AEN2093"
+HREF="#AEN2101"
 >Stateless auto-configuration using Router Advertisement Daemon (radvd)</A
 ></DT
 ><DT
 >16.3. <A
-HREF="#AEN2097"
+HREF="#AEN2105"
 >Dynamic Host Configuration Protocol v6 (DHCPv6)</A
 ></DT
 ></DL
@@ -598,7 +596,7 @@ HREF="#CHAPTER-MOBILITY"
 ><DL
 ><DT
 >17.1. <A
-HREF="#AEN2116"
+HREF="#AEN2124"
 >Common information</A
 ></DT
 ></DL
@@ -617,19 +615,24 @@ HREF="#FIREWALLING-NETFILTER6."
 ></DT
 ><DT
 >18.2. <A
-HREF="#AEN2199"
+HREF="#AEN2209"
 >Preparation</A
 ></DT
 ><DT
 >18.3. <A
-HREF="#AEN2277"
->Usage</A
+HREF="#AEN2287"
+>Usage of ip6tables</A
 ></DT
 ><DT
 >18.4. <A
 HREF="#NAT-NETFILTER6."
 >Network Address Translation (NAT) using netfilter6</A
 ></DT
+><DT
+>18.5. <A
+HREF="#AEN2432"
+>Firewalling using nftables</A
+></DT
 ></DL
 ></DD
 ><DT
@@ -641,12 +644,12 @@ HREF="#CHAPTER-SECURITY"
 ><DL
 ><DT
 >19.1. <A
-HREF="#AEN2424"
+HREF="#AEN2468"
 >Node security</A
 ></DT
 ><DT
 >19.2. <A
-HREF="#AEN2428"
+HREF="#AEN2472"
 >Access limitations</A
 ></DT
 ><DT
@@ -665,22 +668,22 @@ HREF="#CHAPTER-ENCRYPTION-AUTHENTICATION"
 ><DL
 ><DT
 >20.1. <A
-HREF="#AEN2481"
+HREF="#AEN2525"
 >Modes of using encryption and authentication</A
 ></DT
 ><DT
 >20.2. <A
-HREF="#AEN2492"
+HREF="#AEN2536"
 >Support in kernel (ESP and AH)</A
 ></DT
 ><DT
 >20.3. <A
-HREF="#AEN2502"
+HREF="#AEN2546"
 >Automatic key exchange (IKE)</A
 ></DT
 ><DT
 >20.4. <A
-HREF="#AEN2564"
+HREF="#AEN2608"
 >Additional informations:</A
 ></DT
 ></DL
@@ -694,12 +697,12 @@ HREF="#CHAPTER-QOS"
 ><DL
 ><DT
 >21.1. <A
-HREF="#AEN2576"
+HREF="#AEN2620"
 >General</A
 ></DT
 ><DT
 >21.2. <A
-HREF="#AEN2580"
+HREF="#AEN2624"
 >Linux QoS using “tc”</A
 ></DT
 ></DL
@@ -782,7 +785,7 @@ HREF="#CHAPTER-SECTION-USING-API"
 ></DT
 ><DT
 >23.2. <A
-HREF="#AEN3097"
+HREF="#AEN3141"
 >Other programming languages</A
 ></DT
 ></DL
@@ -816,7 +819,7 @@ HREF="#INFORMATION-ONLINEINFORMATION"
 ></DT
 ><DT
 >25.4. <A
-HREF="#AEN3764"
+HREF="#AEN3806"
 >IPv6 Infrastructure</A
 ></DT
 ><DT
@@ -843,7 +846,7 @@ HREF="#INFORMATION-ONLINEDISCOVERY"
 ></DD
 ><DT
 >26. <A
-HREF="#AEN4141"
+HREF="#AEN4183"
 >Revision history / Credits / The End</A
 ></DT
 ><DD
@@ -860,7 +863,7 @@ HREF="#CREDITS"
 ></DT
 ><DT
 >26.3. <A
-HREF="#AEN4678"
+HREF="#AEN4720"
 >The End</A
 ></DT
 ></DL
@@ -896,7 +899,7 @@ NAME="AEN41"
 >1.1.1. Copyright</A
 ></H3
 ><P
->Written and Copyright (C) 2001-2013 by Peter Bieringer</P
+>Written and Copyright (C) 2001-2014 by Peter Bieringer</P
 ></DIV
 ><DIV
 CLASS="SECT2"
@@ -911,7 +914,7 @@ NAME="AEN44"
 ><P
 >The Linux IPv6 HOWTO, a guide how to configure and use IPv6 on Linux systems. </P
 ><P
->Copyright © 2001-2013 Peter Bieringer </P
+>Copyright © 2001-2014 Peter Bieringer </P
 ><P
 >This documentation is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. </P
 ><P
@@ -6053,13 +6056,35 @@ TARGET="_top"
 >A foreign tunnel endpoint which is capable to route your IPv6 prefix to your local tunnel endpoint (mostly remote manual configuration required)</P
 ></LI
 ></UL
+><P
+>Tunnel provider for static point-to-point tunneling:</P
+><P
+></P
+><UL
+><LI
+><P
+><A
+HREF="http://he.com/"
+TARGET="_top"
+>Hurricane Electric</A
+></P
+></LI
+><LI
+><P
+><A
+HREF="http://www.sixxs.net/"
+TARGET="_top"
+>SixXS</A
+></P
+></LI
+></UL
 ></DIV
 ><DIV
 CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1236"
+NAME="AEN1244"
 >9.1.2. Automatically tunneling</A
 ></H3
 ><P
@@ -6084,7 +6109,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1243"
+NAME="AEN1251"
 >9.1.3.1. Generation of 6to4 prefix</A
 ></H4
 ><P
@@ -6122,7 +6147,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1250"
+NAME="AEN1258"
 >9.1.3.2. 6to4 upstream tunneling</A
 ></H4
 ><P
@@ -6143,7 +6168,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1256"
+NAME="AEN1264"
 >9.1.3.3. 6to4 downstream tunneling</A
 ></H4
 ><P
@@ -6166,7 +6191,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1264"
+NAME="AEN1272"
 >9.1.3.4. Possible 6to4 traffic</A
 ></H4
 ><P
@@ -6194,7 +6219,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1274"
+NAME="AEN1282"
 >9.1.4. UDP encapsulated IPv6 tunneling</A
 ></H3
 ><P
@@ -6204,7 +6229,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1277"
+NAME="AEN1285"
 >9.1.4.1. Teredo Tunnel</A
 ></H4
 ><P
@@ -6227,7 +6252,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1283"
+NAME="AEN1291"
 >9.1.4.2. AYIYA Tunnel</A
 ></H4
 ><P
@@ -6242,7 +6267,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1287"
+NAME="AEN1295"
 >9.1.4.3. gogo6 Tunnel</A
 ></H4
 ><P
@@ -6259,7 +6284,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN1291"
+NAME="AEN1299"
 >9.2. Displaying existing tunnels</A
 ></H2
 ><DIV
@@ -6267,7 +6292,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1293"
+NAME="AEN1301"
 >9.2.1. Using "ip"</A
 ></H3
 ><P
@@ -6312,7 +6337,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1299"
+NAME="AEN1307"
 >9.2.2. Using "route"</A
 ></H3
 ><P
@@ -6381,7 +6406,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1311"
+NAME="AEN1319"
 >9.3.1. Add point-to-point tunnels</A
 ></H3
 ><DIV
@@ -6389,7 +6414,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1313"
+NAME="AEN1321"
 >9.3.1.1. Using "ip"</A
 ></H4
 ><P
@@ -6448,7 +6473,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1320"
+NAME="AEN1328"
 >9.3.1.2. Using "ifconfig" and "route" (deprecated)</A
 ></H4
 ><P
@@ -6490,7 +6515,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1326"
+NAME="AEN1334"
 >9.3.1.3. Using "route" only</A
 ></H4
 ><P
@@ -6528,7 +6553,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1332"
+NAME="AEN1340"
 >9.3.2. Removing point-to-point tunnels</A
 ></H3
 ><P
@@ -6538,7 +6563,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1335"
+NAME="AEN1343"
 >9.3.2.1. Using "ip"</A
 ></H4
 ><P
@@ -6591,7 +6616,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1341"
+NAME="AEN1349"
 >9.3.2.2. Using "ifconfig" and "route" (deprecated because not very funny)</A
 ></H4
 ><P
@@ -6628,7 +6653,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1346"
+NAME="AEN1354"
 >9.3.2.3. Using "route"</A
 ></H4
 ><P
@@ -6664,7 +6689,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1351"
+NAME="AEN1359"
 >9.3.3. Numbered point-to-point tunnels</A
 ></H3
 ><P
@@ -6689,7 +6714,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1358"
+NAME="AEN1366"
 >9.4.1. Add a 6to4 tunnel</A
 ></H3
 ><P
@@ -6769,7 +6794,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1370"
+NAME="AEN1378"
 >9.4.1.1. Using "ip" and a dedicated tunnel device</A
 ></H4
 ><P
@@ -6866,7 +6891,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1383"
+NAME="AEN1391"
 >9.4.1.2. Using "ifconfig" and "route" and generic tunnel device “sit0” (deprecated)</A
 ></H4
 ><P
@@ -6929,7 +6954,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1392"
+NAME="AEN1400"
 >9.4.2. Remove a 6to4 tunnel</A
 ></H3
 ><DIV
@@ -6937,7 +6962,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1394"
+NAME="AEN1402"
 >9.4.2.1. Using "ip" and a dedicated tunnel device</A
 ></H4
 ><P
@@ -6997,7 +7022,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1402"
+NAME="AEN1410"
 >9.4.2.2. Using “ifconfig” and “route” and generic tunnel device “sit0” (deprecated)</A
 ></H4
 ><P
@@ -7075,7 +7100,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN1415"
+NAME="AEN1423"
 >10.1. Displaying existing tunnels</A
 ></H2
 ><P
@@ -7124,7 +7149,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN1422"
+NAME="AEN1430"
 >10.2. Setup of point-to-point tunnel</A
 ></H2
 ><P
@@ -7181,7 +7206,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN1428"
+NAME="AEN1436"
 >10.3. Removing point-to-point tunnels</A
 ></H2
 ><P
@@ -7244,7 +7269,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN1437"
+NAME="AEN1445"
 >11.1. How to access the /proc-filesystem</A
 ></H2
 ><DIV
@@ -7252,7 +7277,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1439"
+NAME="AEN1447"
 >11.1.1. Using “cat” and “echo”</A
 ></H3
 ><P
@@ -7319,7 +7344,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1454"
+NAME="AEN1462"
 >11.1.1.1. Retrieving a value</A
 ></H4
 ><P
@@ -7346,7 +7371,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1458"
+NAME="AEN1466"
 >11.1.1.2. Setting a value</A
 ></H4
 ><P
@@ -7373,7 +7398,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1462"
+NAME="AEN1470"
 >11.1.2. Using “sysctl”</A
 ></H3
 ><P
@@ -7408,7 +7433,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1470"
+NAME="AEN1478"
 >11.1.2.1. Retrieving a value</A
 ></H4
 ><P
@@ -7435,7 +7460,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1474"
+NAME="AEN1482"
 >11.1.2.2. Setting a value</A
 ></H4
 ><P
@@ -7480,7 +7505,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1480"
+NAME="AEN1488"
 >11.1.2.3. Additionals</A
 ></H4
 ><P
@@ -7496,7 +7521,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1485"
+NAME="AEN1493"
 >11.1.3. Values found in /proc-filesystems</A
 ></H3
 ><P
@@ -7532,7 +7557,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1497"
+NAME="AEN1505"
 >11.2.1. conf/default/*</A
 ></H3
 ><P
@@ -7543,7 +7568,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1500"
+NAME="AEN1508"
 >11.2.2. conf/all/*</A
 ></H3
 ><P
@@ -7555,7 +7580,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1504"
+NAME="AEN1512"
 >11.2.2.1. conf/all/forwarding</A
 ></H4
 ><P
@@ -7584,7 +7609,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1514"
+NAME="AEN1522"
 >11.2.3. conf/interface/*</A
 ></H3
 ><P
@@ -7596,7 +7621,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1518"
+NAME="AEN1526"
 >11.2.3.1. accept_ra</A
 ></H4
 ><P
@@ -7619,7 +7644,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1526"
+NAME="AEN1534"
 >11.2.3.2. accept_redirects</A
 ></H4
 ><P
@@ -7642,7 +7667,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1534"
+NAME="AEN1542"
 >11.2.3.3. autoconf</A
 ></H4
 ><P
@@ -7665,7 +7690,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1542"
+NAME="AEN1550"
 >11.2.3.4. dad_transmits</A
 ></H4
 ><P
@@ -7688,7 +7713,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1550"
+NAME="AEN1558"
 >11.2.3.5. forwarding</A
 ></H4
 ><P
@@ -7771,7 +7796,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1583"
+NAME="AEN1591"
 >11.2.3.6. hop_limit</A
 ></H4
 ><P
@@ -7794,7 +7819,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1591"
+NAME="AEN1599"
 >11.2.3.7. mtu</A
 ></H4
 ><P
@@ -7817,7 +7842,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1599"
+NAME="AEN1607"
 >11.2.3.8. router_solicitation_delay</A
 ></H4
 ><P
@@ -7840,7 +7865,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1607"
+NAME="AEN1615"
 >11.2.3.9. router_solicitation_interval</A
 ></H4
 ><P
@@ -7863,7 +7888,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1615"
+NAME="AEN1623"
 >11.2.3.10. router_solicitations</A
 ></H4
 ><P
@@ -7887,7 +7912,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1623"
+NAME="AEN1631"
 >11.2.4. neigh/default/*</A
 ></H3
 ><P
@@ -7897,7 +7922,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1626"
+NAME="AEN1634"
 >11.2.4.1. gc_thresh1</A
 ></H4
 ><P
@@ -7920,7 +7945,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1634"
+NAME="AEN1642"
 >11.2.4.2. gc_thresh2</A
 ></H4
 ><P
@@ -7943,7 +7968,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1642"
+NAME="AEN1650"
 >11.2.4.3. gc_thresh3</A
 ></H4
 ><P
@@ -7988,7 +8013,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1653"
+NAME="AEN1661"
 >11.2.4.4. gc_interval</A
 ></H4
 ><P
@@ -8012,7 +8037,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1661"
+NAME="AEN1669"
 >11.2.5. neigh/interface/*</A
 ></H3
 ><P
@@ -8022,7 +8047,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1664"
+NAME="AEN1672"
 >11.2.5.1. anycast_delay</A
 ></H4
 ><P
@@ -8045,7 +8070,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1672"
+NAME="AEN1680"
 >11.2.5.2. gc_stale_time</A
 ></H4
 ><P
@@ -8068,7 +8093,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1680"
+NAME="AEN1688"
 >11.2.5.3. proxy_qlen</A
 ></H4
 ><P
@@ -8091,7 +8116,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1688"
+NAME="AEN1696"
 >11.2.5.4. unres_qlen</A
 ></H4
 ><P
@@ -8114,7 +8139,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1696"
+NAME="AEN1704"
 >11.2.5.5. app_solicit</A
 ></H4
 ><P
@@ -8137,7 +8162,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1704"
+NAME="AEN1712"
 >11.2.5.6. locktime</A
 ></H4
 ><P
@@ -8160,7 +8185,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1712"
+NAME="AEN1720"
 >11.2.5.7. retrans_time</A
 ></H4
 ><P
@@ -8183,7 +8208,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1720"
+NAME="AEN1728"
 >11.2.5.8. base_reachable_time</A
 ></H4
 ><P
@@ -8206,7 +8231,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1728"
+NAME="AEN1736"
 >11.2.5.9. mcast_solicit</A
 ></H4
 ><P
@@ -8229,7 +8254,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1736"
+NAME="AEN1744"
 >11.2.5.10. ucast_solicit</A
 ></H4
 ><P
@@ -8252,7 +8277,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1744"
+NAME="AEN1752"
 >11.2.5.11. delay_first_probe_time</A
 ></H4
 ><P
@@ -8275,7 +8300,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1752"
+NAME="AEN1760"
 >11.2.5.12. proxy_delay</A
 ></H4
 ><P
@@ -8299,7 +8324,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1760"
+NAME="AEN1768"
 >11.2.6. route/*</A
 ></H3
 ><P
@@ -8309,7 +8334,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1763"
+NAME="AEN1771"
 >11.2.6.1. flush</A
 ></H4
 ><P
@@ -8320,7 +8345,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1766"
+NAME="AEN1774"
 >11.2.6.2. gc_interval</A
 ></H4
 ><P
@@ -8343,7 +8368,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1774"
+NAME="AEN1782"
 >11.2.6.3. gc_thresh</A
 ></H4
 ><P
@@ -8366,7 +8391,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1782"
+NAME="AEN1790"
 >11.2.6.4. mtu_expires</A
 ></H4
 ><P
@@ -8389,7 +8414,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1790"
+NAME="AEN1798"
 >11.2.6.5. gc_elasticity</A
 ></H4
 ><P
@@ -8412,7 +8437,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1798"
+NAME="AEN1806"
 >11.2.6.6. gc_min_interval</A
 ></H4
 ><P
@@ -8435,7 +8460,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1806"
+NAME="AEN1814"
 >11.2.6.7. gc_timeout</A
 ></H4
 ><P
@@ -8458,7 +8483,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1814"
+NAME="AEN1822"
 >11.2.6.8. min_adv_mss</A
 ></H4
 ><P
@@ -8481,7 +8506,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1822"
+NAME="AEN1830"
 >11.2.6.9. max_size</A
 ></H4
 ><P
@@ -8516,7 +8541,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1833"
+NAME="AEN1841"
 >11.3.1. ip_*</A
 ></H3
 ><DIV
@@ -8524,7 +8549,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1835"
+NAME="AEN1843"
 >11.3.1.1. ip_local_port_range</A
 ></H4
 ><P
@@ -8536,7 +8561,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1838"
+NAME="AEN1846"
 >11.3.2. tcp_*</A
 ></H3
 ><P
@@ -8547,7 +8572,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1841"
+NAME="AEN1849"
 >11.3.3. icmp_*</A
 ></H3
 ><P
@@ -8558,7 +8583,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1844"
+NAME="AEN1852"
 >11.3.4. others</A
 ></H3
 ><P
@@ -8580,7 +8605,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1850"
+NAME="AEN1858"
 >11.4.1. if_inet6</A
 ></H3
 ><P
@@ -8647,7 +8672,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1870"
+NAME="AEN1878"
 >11.4.2. ipv6_route</A
 ></H3
 ><P
@@ -8735,7 +8760,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1898"
+NAME="AEN1906"
 >11.4.3. sockstat6</A
 ></H3
 ><P
@@ -8773,7 +8798,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1905"
+NAME="AEN1913"
 >11.4.4. tcp6</A
 ></H3
 ><P
@@ -8784,7 +8809,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1908"
+NAME="AEN1916"
 >11.4.5. udp6</A
 ></H3
 ><P
@@ -8795,7 +8820,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1911"
+NAME="AEN1919"
 >11.4.6. igmp6</A
 ></H3
 ><P
@@ -8806,7 +8831,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1914"
+NAME="AEN1922"
 >11.4.7. raw6</A
 ></H3
 ><P
@@ -8817,7 +8842,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1917"
+NAME="AEN1925"
 >11.4.8. ip6_flowlabel</A
 ></H3
 ><P
@@ -8828,7 +8853,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1920"
+NAME="AEN1928"
 >11.4.9. rt6_stats</A
 ></H3
 ><P
@@ -8839,7 +8864,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1923"
+NAME="AEN1931"
 >11.4.10. snmp6</A
 ></H3
 ><P
@@ -8858,7 +8883,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1929"
+NAME="AEN1937"
 >11.4.11. ip6_tables_names</A
 ></H3
 ><P
@@ -8912,7 +8937,7 @@ CLASS="SECT1"
 ><H2
 CLASS="SECT1"
 ><A
-NAME="AEN1945"
+NAME="AEN1953"
 >14.1. Server socket binding</A
 ></H2
 ><DIV
@@ -8920,7 +8945,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1947"
+NAME="AEN1955"
 >14.1.1. Using “netstat” for server socket binding check</A
 ></H3
 ><P
@@ -9030,7 +9055,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1957"
+NAME="AEN1965"
 >14.2.1. Router discovery</A
 ></H3
 ><DIV
@@ -9038,7 +9063,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1959"
+NAME="AEN1967"
 >14.2.1.1. Router advertisement</A
 ></H4
 ><TABLE
@@ -9069,7 +9094,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1963"
+NAME="AEN1971"
 >14.2.1.2. Router solicitation</A
 ></H4
 ><TABLE
@@ -9097,7 +9122,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN1967"
+NAME="AEN1975"
 >14.2.2. Neighbor discovery</A
 ></H3
 ><DIV
@@ -9105,7 +9130,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1969"
+NAME="AEN1977"
 >14.2.2.1. Neighbor discovery solicitation for duplicate address detection</A
 ></H4
 ><P
@@ -9190,7 +9215,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN1984"
+NAME="AEN1992"
 >14.2.2.2. Neighbor discovery solicitation for looking for host or gateway</A
 ></H4
 ><P
@@ -9260,7 +9285,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN1997"
+NAME="AEN2005"
 >15.1. Red Hat Linux and “clones”</A
 ></H2
 ><P
@@ -9288,7 +9313,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2006"
+NAME="AEN2014"
 >15.1.1. Test for IPv6 support of network configuration scripts</A
 ></H3
 ><P
@@ -9361,7 +9386,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2017"
+NAME="AEN2025"
 >15.1.2. Short hint for enabling IPv6 on current RHL 7.1, 7.2, 7.3, ...</A
 ></H3
 ><P
@@ -9467,7 +9492,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2036"
+NAME="AEN2044"
 >15.2. SuSE Linux</A
 ></H2
 ><P
@@ -9480,7 +9505,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2040"
+NAME="AEN2048"
 >15.2.1. SuSE Linux 7.3</A
 ></H3
 ><P
@@ -9501,7 +9526,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2046"
+NAME="AEN2054"
 >15.2.2. SuSE Linux 8.0</A
 ></H3
 ><DIV
@@ -9509,7 +9534,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2048"
+NAME="AEN2056"
 >15.2.2.1. IPv6 address configuration</A
 ></H4
 ><P
@@ -9535,7 +9560,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2052"
+NAME="AEN2060"
 >15.2.2.2. Additional information</A
 ></H4
 ><P
@@ -9547,7 +9572,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2055"
+NAME="AEN2063"
 >15.2.3. SuSE Linux 8.1</A
 ></H3
 ><DIV
@@ -9555,7 +9580,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2057"
+NAME="AEN2065"
 >15.2.3.1. IPv6 address configuration</A
 ></H4
 ><P
@@ -9581,7 +9606,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2061"
+NAME="AEN2069"
 >15.2.3.2. Additional information</A
 ></H4
 ><P
@@ -9660,7 +9685,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2076"
+NAME="AEN2084"
 >15.3.1. Further information</A
 ></H3
 ><P
@@ -9701,7 +9726,7 @@ CLASS="SECT1"
 ><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2088"
+NAME="AEN2096"
 >16.1. Stateless auto-configuration out-of-the-box</A
 ></H2
 ><P
@@ -9732,7 +9757,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2093"
+NAME="AEN2101"
 >16.2. Stateless auto-configuration using Router Advertisement Daemon (radvd)</A
 ></H2
 ><P
@@ -9746,7 +9771,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2097"
+NAME="AEN2105"
 >16.3. Dynamic Host Configuration Protocol v6 (DHCPv6)</A
 ></H2
 ><P
@@ -9772,9 +9797,9 @@ HREF="#HINTS-DAEMONS-DIBBLER"
 ><LI
 ><P
 ><A
-HREF="http://dhcpv6.sourceforge.net/"
+HREF="https://fedorahosted.org/dhcpv6/"
 TARGET="_top"
->DHCPv6 on Sourceforge</A
+>dhcpv6</A
 > (<A
 HREF="#HINTS-DAEMONS-DHCPV6."
 >Hints for configuration</A
@@ -9806,7 +9831,7 @@ CLASS="SECT1"
 ><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2116"
+NAME="AEN2124"
 >17.1. Common information</A
 ></H2
 ><DIV
@@ -9814,7 +9839,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2118"
+NAME="AEN2126"
 >17.1.1. Node Mobility</A
 ></H3
 ><P
@@ -9837,7 +9862,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2125"
+NAME="AEN2133"
 >17.1.2. Network Mobility</A
 ></H3
 ><P
@@ -9858,7 +9883,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2131"
+NAME="AEN2139"
 >17.1.3. Links</A
 ></H3
 ><P
@@ -10007,13 +10032,17 @@ HREF="#IPV6-SECURITY-AUDITING"
 >Section 19.3</A
 > for more.</P
 ><P
->Since kernel version 2.6.20 IPv6 connection tracking is fully working (and does not break IPv4 NAT anymore like versions before)</P
+>Since kernel version 2.6.20 (February 2007) IPv6 connection tracking is fully working (and does not break IPv4 NAT anymore like versions before)</P
+><P
+>Since kernel version 3.9.0 (April 2013) NAT for IPv6 is supported with ip6tables &#62;= 1.4.18</P
+><P
+>Since kernel version 3.13 (April 2014) new framework introduced named: nftables</P
 ><DIV
 CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2184"
+NAME="AEN2194"
 >18.1.1. More information</A
 ></H3
 ><P
@@ -10059,7 +10088,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2199"
+NAME="AEN2209"
 >18.2. Preparation</A
 ></H2
 ><P
@@ -10069,7 +10098,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2202"
+NAME="AEN2212"
 >18.2.1. Get sources</A
 ></H3
 ><P
@@ -10098,7 +10127,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2211"
+NAME="AEN2221"
 >18.2.2. Extract sources</A
 ></H3
 ><P
@@ -10159,7 +10188,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2219"
+NAME="AEN2229"
 >18.2.3. Apply latest iptables/IPv6-related patches to kernel source</A
 ></H3
 ><P
@@ -10267,7 +10296,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2243"
+NAME="AEN2253"
 >18.2.4. Configure, build and install new kernel</A
 ></H3
 ><P
@@ -10350,7 +10379,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2253"
+NAME="AEN2263"
 >18.2.5. Rebuild and install binaries of iptables</A
 ></H3
 ><P
@@ -10501,15 +10530,15 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2277"
->18.3. Usage</A
+NAME="AEN2287"
+>18.3. Usage of ip6tables</A
 ></H2
 ><DIV
 CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2279"
+NAME="AEN2289"
 >18.3.1. Check for support</A
 ></H3
 ><P
@@ -10553,7 +10582,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2285"
+NAME="AEN2295"
 >18.3.2. Learn how to use ip6tables</A
 ></H3
 ><DIV
@@ -10561,7 +10590,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2287"
+NAME="AEN2297"
 >18.3.2.1. List all IPv6 netfilter entries</A
 ></H4
 ><P
@@ -10616,7 +10645,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2297"
+NAME="AEN2307"
 >18.3.2.2. List specified filter</A
 ></H4
 ><TABLE
@@ -10640,7 +10669,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2300"
+NAME="AEN2310"
 >18.3.2.3. Insert a log rule at the input filter with options</A
 ></H4
 ><TABLE
@@ -10665,7 +10694,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2303"
+NAME="AEN2313"
 >18.3.2.4. Insert a drop rule at the input filter</A
 ></H4
 ><TABLE
@@ -10689,7 +10718,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2306"
+NAME="AEN2316"
 >18.3.2.5. Delete a rule by number</A
 ></H4
 ><TABLE
@@ -10713,7 +10742,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2309"
+NAME="AEN2319"
 >18.3.2.6. Enable connection tracking</A
 ></H4
 ><P
@@ -10739,7 +10768,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2313"
+NAME="AEN2323"
 >18.3.2.7. Allow ICMPv6</A
 ></H4
 ><P
@@ -10813,7 +10842,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2326"
+NAME="AEN2336"
 >18.3.2.8. Rate-limiting</A
 ></H4
 ><P
@@ -10840,7 +10869,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2330"
+NAME="AEN2340"
 >18.3.2.9. Allow incoming SSH</A
 ></H4
 ><P
@@ -10899,7 +10928,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2341"
+NAME="AEN2351"
 >18.3.2.10. Enable tunneled IPv6-in-IPv4</A
 ></H4
 ><P
@@ -11004,7 +11033,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2361"
+NAME="AEN2371"
 >18.3.2.11. Protection against incoming TCP connection requests</A
 ></H4
 ><P
@@ -11063,7 +11092,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2373"
+NAME="AEN2383"
 >18.3.2.12. Protection against incoming UDP connection requests</A
 ></H4
 ><P
@@ -11121,7 +11150,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2384"
+NAME="AEN2394"
 >18.3.3. Examples</A
 ></H3
 ><DIV
@@ -11129,7 +11158,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2386"
+NAME="AEN2396"
 >18.3.3.1. Simple example for Fedora</A
 ></H4
 ><P
@@ -11262,7 +11291,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2403"
+NAME="AEN2413"
 >18.3.3.2. Sophisticated example</A
 ></H4
 ><P
@@ -11405,7 +11434,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2410"
+NAME="AEN2420"
 >18.4.1. IPv6 Masquerading</A
 ></H3
 ><P
@@ -11431,7 +11460,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2414"
+NAME="AEN2424"
 >18.4.2. IPv6 Destination NAT</A
 ></H3
 ><P
@@ -11457,7 +11486,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2418"
+NAME="AEN2428"
 >18.4.3. IPv6 Port Forwarding</A
 ></H3
 ><P
@@ -11479,6 +11508,263 @@ CLASS="SCREEN"
 ></TABLE
 ></DIV
 ></DIV
+><DIV
+CLASS="SECT1"
+><HR><H2
+CLASS="SECT1"
+><A
+NAME="AEN2432"
+>18.5. Firewalling using nftables</A
+></H2
+><P
+>nftables adds support for a IPv4/IPv6 aware table named “inet”, here only one rule matches both protocols</P
+><DIV
+CLASS="SECT2"
+><HR><H3
+CLASS="SECT2"
+><A
+NAME="AEN2435"
+>18.5.1. Preparation for nftables usage</A
+></H3
+><P
+>Install a Linux distribution which has nftables support already included. At time of writing (May 2014) at least Fedora Rawhide (upcoming version 21) has support in conjunction with nftables version 0.2.0.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><HR><H3
+CLASS="SECT2"
+><A
+NAME="AEN2438"
+>18.5.2. Basic nftables configuration</A
+></H3
+><P
+>Load kernel modules</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># modprobe nf_tables
+# modprobe nf_tables_ipv4
+# modprobe nf_tables_ipv6
+# modprobe nf_tables_inet </PRE
+></FONT
+></TD
+></TR
+></TABLE
+><P
+>Create filter tables</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft add table ip   filter
+# nft add table ip6  filter
+# nft add table inet filter </PRE
+></FONT
+></TD
+></TR
+></TABLE
+><P
+>Create input chain in each filter table</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft add chain ip   filter input { type filter hook input priority 1 \; }
+# nft add chain ip6  filter input { type filter hook input priority 1 \; } 
+# nft add chain inet filter input { type filter hook input priority 0 \; }</PRE
+></FONT
+></TD
+></TR
+></TABLE
+></DIV
+><DIV
+CLASS="SECT2"
+><HR><H3
+CLASS="SECT2"
+><A
+NAME="AEN2446"
+>18.5.3. Simple filter policy with nftables</A
+></H3
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="AEN2448"
+>18.5.3.1. Configuration</A
+></H4
+><P
+>Allow packets which are related to existing connection tracking entries</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft add rule inet filter input ct state established,related counter accept </PRE
+></FONT
+></TD
+></TR
+></TABLE
+><P
+>Allow IPv4 and IPv6 ICMP echo-request (aka ping)</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft add rule ip filter input icmp type { echo-request } counter accept 
+# nft add rule ip6 filter input icmpv6 type echo-request counter accept </PRE
+></FONT
+></TD
+></TR
+></TABLE
+><P
+>Allow some important IPv6 ICMP traffic, without counter, but checking hop-limit for security</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 1 accept # nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 255 accept</PRE
+></FONT
+></TD
+></TR
+></TABLE
+><P
+>Allow incoming SSH for IPv4 and IPv6, using therefore the IP version aware table “inet”</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft add rule inet filter input tcp dport 22 ct state new tcp flags \&#38; \(syn \| ack\) == syn counter accept</PRE
+></FONT
+></TD
+></TR
+></TABLE
+></DIV
+><DIV
+CLASS="SECT3"
+><HR><H4
+CLASS="SECT3"
+><A
+NAME="AEN2458"
+>18.5.3.2. Result</A
+></H4
+><P
+>Table for IPv4 filter</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft list table ip filter
+table ip filter {
+	chain input {
+		 type filter hook input priority 1;
+		 icmp type { echo-request} counter packets 0 bytes 0 accept
+	}
+}</PRE
+></FONT
+></TD
+></TR
+></TABLE
+><P
+>Table for IPv6 filter</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft list table ip6 filter
+table ip6 filter {
+	chain input {
+		 type filter hook input priority 1;
+		 icmpv6 type echo-request counter packets 0 bytes 0 accept
+		 ip6 hoplimit 1 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+		 ip6 hoplimit 255 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+	}
+}</PRE
+></FONT
+></TD
+></TR
+></TABLE
+><P
+>Table for IP version aware filter</P
+><TABLE
+BORDER="1"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><FONT
+COLOR="#000000"
+><PRE
+CLASS="SCREEN"
+># nft list table inet filter
+table inet filter {
+	chain input {
+		 type filter hook input priority 0;
+		 ct state established,related counter packets 44 bytes 2288 accept
+		 tcp dport ssh ct state new tcp flags &#38; (syn | ack) == syn counter packets 0 bytes 0 accept
+	}
+} </PRE
+></FONT
+></TD
+></TR
+></TABLE
+></DIV
+></DIV
+></DIV
 ></DIV
 ><DIV
 CLASS="CHAPTER"
@@ -11492,7 +11778,7 @@ CLASS="SECT1"
 ><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2424"
+NAME="AEN2468"
 >19.1. Node security</A
 ></H2
 ><P
@@ -11505,7 +11791,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2428"
+NAME="AEN2472"
 >19.2. Access limitations</A
 ></H2
 ><P
@@ -11535,7 +11821,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2437"
+NAME="AEN2481"
 >19.3.1. Legal issues</A
 ></H3
 ><P
@@ -11547,7 +11833,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2440"
+NAME="AEN2484"
 >19.3.2. Security auditing using IPv6-enabled netcat</A
 ></H3
 ><P
@@ -11578,7 +11864,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2445"
+NAME="AEN2489"
 >19.3.3. Security auditing using IPv6-enabled nmap</A
 ></H3
 ><P
@@ -11617,7 +11903,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2450"
+NAME="AEN2494"
 >19.3.4. Security auditing using IPv6-enabled strobe</A
 ></H3
 ><P
@@ -11654,7 +11940,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2456"
+NAME="AEN2500"
 >19.3.5. Security auditing using online tools</A
 ></H3
 ><P
@@ -11685,7 +11971,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2466"
+NAME="AEN2510"
 >19.3.6. Audit results</A
 ></H3
 ><P
@@ -11732,7 +12018,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2481"
+NAME="AEN2525"
 >20.1. Modes of using encryption and authentication</A
 ></H2
 ><P
@@ -11742,7 +12028,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2484"
+NAME="AEN2528"
 >20.1.1. Transport mode</A
 ></H3
 ><P
@@ -11755,7 +12041,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2488"
+NAME="AEN2532"
 >20.1.2. Tunnel mode</A
 ></H3
 ><P
@@ -11769,7 +12055,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2492"
+NAME="AEN2536"
 >20.2. Support in kernel (ESP and AH)</A
 ></H2
 ><DIV
@@ -11777,7 +12063,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2494"
+NAME="AEN2538"
 >20.2.1. Support in vanilla Linux kernel 2.4.x</A
 ></H3
 ><P
@@ -11792,7 +12078,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2498"
+NAME="AEN2542"
 >20.2.2. Support in vanilla Linux kernel 2.6.x</A
 ></H3
 ><P
@@ -11806,7 +12092,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2502"
+NAME="AEN2546"
 >20.3. Automatic key exchange (IKE)</A
 ></H2
 ><P
@@ -11820,7 +12106,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2507"
+NAME="AEN2551"
 >20.3.1. IKE daemon “racoon”</A
 ></H3
 ><P
@@ -11834,7 +12120,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2511"
+NAME="AEN2555"
 >20.3.1.1. Manipulation of the IPsec SA/SP database with the tool “setkey”</A
 ></H4
 ><P
@@ -11905,7 +12191,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2524"
+NAME="AEN2568"
 >20.3.1.2. Configuration of the IKE daemon “racoon”</A
 ></H4
 ><P
@@ -11993,7 +12279,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2532"
+NAME="AEN2576"
 >20.3.1.3. Running IPsec with IKE daemon “racoon”</A
 ></H4
 ><P
@@ -12098,7 +12384,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2541"
+NAME="AEN2585"
 >20.3.2. IKE daemon “pluto”</A
 ></H3
 ><P
@@ -12122,7 +12408,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2548"
+NAME="AEN2592"
 >20.3.2.1. Configuration of the IKE daemon “pluto”</A
 ></H4
 ><P
@@ -12195,7 +12481,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2556"
+NAME="AEN2600"
 >20.3.2.2. Running IPsec with IKE daemon “pluto”</A
 ></H4
 ><P
@@ -12286,7 +12572,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2564"
+NAME="AEN2608"
 >20.4. Additional informations:</A
 ></H2
 ><P
@@ -12340,7 +12626,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2576"
+NAME="AEN2620"
 >21.1. General</A
 ></H2
 ><P
@@ -12372,7 +12658,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN2580"
+NAME="AEN2624"
 >21.2. Linux QoS using “tc”</A
 ></H2
 ><P
@@ -12386,7 +12672,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2584"
+NAME="AEN2628"
 >21.2.1. Example for a constant bitrate queuing</A
 ></H3
 ><P
@@ -12396,7 +12682,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2587"
+NAME="AEN2631"
 >21.2.1.1. Root qdisc definition</A
 ></H4
 ><P
@@ -12422,7 +12708,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2591"
+NAME="AEN2635"
 >21.2.1.2. QoS class definition</A
 ></H4
 ><P
@@ -12499,7 +12785,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2601"
+NAME="AEN2645"
 >21.2.1.3. QoS filter definition</A
 ></H4
 ><P
@@ -12607,7 +12893,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2620"
+NAME="AEN2664"
 >21.2.1.4. Testing filter definitions using iperf</A
 ></H4
 ><P
@@ -12681,7 +12967,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2633"
+NAME="AEN2677"
 >22.1.1. Listening on IPv6 addresses</A
 ></H3
 ><P
@@ -12695,7 +12981,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2638"
+NAME="AEN2682"
 >22.1.1.1. Enable BIND named for listening on IPv6 address</A
 ></H4
 ><P
@@ -12770,7 +13056,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2647"
+NAME="AEN2691"
 >22.1.1.2. Disable BIND named for listening on IPv6 address</A
 ></H4
 ><P
@@ -12800,7 +13086,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2651"
+NAME="AEN2695"
 >22.1.2. IPv6 enabled Access Control Lists (ACL)</A
 ></H3
 ><P
@@ -12866,7 +13152,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2660"
+NAME="AEN2704"
 >22.1.3. Sending queries with dedicated IPv6 address</A
 ></H3
 ><P
@@ -12892,7 +13178,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2664"
+NAME="AEN2708"
 >22.1.4. Per zone defined dedicated IPv6 addresses</A
 ></H3
 ><P
@@ -12902,7 +13188,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2667"
+NAME="AEN2711"
 >22.1.4.1. Transfer source address</A
 ></H4
 ><P
@@ -12928,7 +13214,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2671"
+NAME="AEN2715"
 >22.1.4.2. Notify source address</A
 ></H4
 ><P
@@ -12955,7 +13241,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2675"
+NAME="AEN2719"
 >22.1.5. IPv6 DNS zone files examples</A
 ></H3
 ><P
@@ -12974,7 +13260,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2680"
+NAME="AEN2724"
 >22.1.6. Serving IPv6 related DNS data</A
 ></H3
 ><P
@@ -13032,7 +13318,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2700"
+NAME="AEN2744"
 >22.1.6.1. Current best practice</A
 ></H4
 ><P
@@ -13068,7 +13354,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2713"
+NAME="AEN2757"
 >22.1.7. Checking IPv6-enabled connect</A
 ></H3
 ><P
@@ -13078,7 +13364,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2716"
+NAME="AEN2760"
 >22.1.7.1. IPv6 connect, but denied by ACL</A
 ></H4
 ><P
@@ -13131,7 +13417,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2723"
+NAME="AEN2767"
 >22.1.7.2. Successful IPv6 connect</A
 ></H4
 ><P
@@ -13248,7 +13534,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2742"
+NAME="AEN2786"
 >22.3.1. Listening on IPv6 addresses</A
 ></H3
 ><P
@@ -13258,7 +13544,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2745"
+NAME="AEN2789"
 >22.3.1.1. Virtual host listen on an IPv6 address only</A
 ></H4
 ><TABLE
@@ -13286,7 +13572,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2748"
+NAME="AEN2792"
 >22.3.1.2. Virtual host listen on an IPv6 and on an IPv4 address</A
 ></H4
 ><TABLE
@@ -13337,7 +13623,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2754"
+NAME="AEN2798"
 >22.3.1.3. Additional notes</A
 ></H4
 ><P
@@ -13386,7 +13672,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2771"
+NAME="AEN2815"
 >22.4.1. Configuring radvd</A
 ></H3
 ><DIV
@@ -13394,7 +13680,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2773"
+NAME="AEN2817"
 >22.4.1.1. Simple configuration</A
 ></H4
 ><P
@@ -13452,7 +13738,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2780"
+NAME="AEN2824"
 >22.4.1.2. Special 6to4 configuration</A
 ></H4
 ><P
@@ -13533,7 +13819,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2790"
+NAME="AEN2834"
 >22.4.2. Debugging</A
 ></H3
 ><P
@@ -13596,7 +13882,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2800"
+NAME="AEN2844"
 >22.5.1. Configuration of the DHCPv6 server (dhcp6s)</A
 ></H3
 ><DIV
@@ -13604,7 +13890,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2802"
+NAME="AEN2846"
 >22.5.1.1. Simple configuration</A
 ></H4
 ><P
@@ -13643,7 +13929,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2806"
+NAME="AEN2850"
 >22.5.2. Configuration of the DHCPv6 client (dhcp6c)</A
 ></H3
 ><DIV
@@ -13651,7 +13937,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2808"
+NAME="AEN2852"
 >22.5.2.1. Simple configuration</A
 ></H4
 ><P
@@ -13681,7 +13967,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2812"
+NAME="AEN2856"
 >22.5.3. Usage</A
 ></H3
 ><DIV
@@ -13689,7 +13975,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2814"
+NAME="AEN2858"
 >22.5.3.1. dhcpv6_server</A
 ></H4
 ><P
@@ -13715,7 +14001,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2818"
+NAME="AEN2862"
 >22.5.3.2. dhcpv6_client</A
 ></H4
 ><P
@@ -13742,7 +14028,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2822"
+NAME="AEN2866"
 >22.5.4. Debugging</A
 ></H3
 ><DIV
@@ -13750,7 +14036,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2824"
+NAME="AEN2868"
 >22.5.4.1. dhcpv6_server</A
 ></H4
 ><P
@@ -13776,7 +14062,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2828"
+NAME="AEN2872"
 >22.5.4.2. dhcpv6_client</A
 ></H4
 ><P
@@ -13844,7 +14130,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2838"
+NAME="AEN2882"
 >22.6.1. Configuration of the ISC DHCP server for IPv6 (dhcpd)</A
 ></H3
 ><P
@@ -13854,7 +14140,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2841"
+NAME="AEN2885"
 >22.6.1.1. Simple configuration</A
 ></H4
 ><P
@@ -13920,7 +14206,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2847"
+NAME="AEN2891"
 >22.6.2. Usage</A
 ></H3
 ><DIV
@@ -13928,7 +14214,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2849"
+NAME="AEN2893"
 >22.6.2.1. dhcpd</A
 ></H4
 ><P
@@ -13975,7 +14261,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2856"
+NAME="AEN2900"
 >22.7.1. Configuration of the Dibbler DHCP server for IPv6</A
 ></H3
 ><DIV
@@ -13983,7 +14269,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2858"
+NAME="AEN2902"
 >22.7.1.1. Simple configuration</A
 ></H4
 ><P
@@ -14022,7 +14308,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2862"
+NAME="AEN2906"
 >22.7.2. Usage</A
 ></H3
 ><DIV
@@ -14030,7 +14316,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2864"
+NAME="AEN2908"
 >22.7.2.1. dibbler-server</A
 ></H4
 ><P
@@ -14091,7 +14377,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2871"
+NAME="AEN2915"
 >22.8.1. Filtering capabilities</A
 ></H3
 ><P
@@ -14114,7 +14400,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2879"
+NAME="AEN2923"
 >22.8.2. Which program uses tcp_wrapper</A
 ></H3
 ><P
@@ -14137,7 +14423,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2887"
+NAME="AEN2931"
 >22.8.3. Usage</A
 ></H3
 ><P
@@ -14162,7 +14448,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2891"
+NAME="AEN2935"
 >22.8.3.1. Example for /etc/hosts.allow</A
 ></H4
 ><P
@@ -14191,7 +14477,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2896"
+NAME="AEN2940"
 >22.8.3.2. Example for /etc/hosts.deny</A
 ></H4
 ><P
@@ -14236,7 +14522,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2902"
+NAME="AEN2946"
 >22.8.4. Logging</A
 ></H3
 ><P
@@ -14246,7 +14532,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2905"
+NAME="AEN2949"
 >22.8.4.1. Refused connection</A
 ></H4
 ><P
@@ -14296,7 +14582,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2911"
+NAME="AEN2955"
 >22.8.4.2. Permitted connection</A
 ></H4
 ><P
@@ -14355,7 +14641,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2919"
+NAME="AEN2963"
 >22.9.1. Listening on IPv6 addresses</A
 ></H3
 ><P
@@ -14392,7 +14678,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2926"
+NAME="AEN2970"
 >22.10.1. Listening on IPv6 addresses</A
 ></H3
 ><P
@@ -14492,7 +14778,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2953"
+NAME="AEN2997"
 >23.1.1. Address Structures</A
 ></H3
 ><P
@@ -14502,7 +14788,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2956"
+NAME="AEN3000"
 >23.1.1.1. IPv4 sockaddr_in</A
 ></H4
 ><P
@@ -14536,7 +14822,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2961"
+NAME="AEN3005"
 >23.1.1.2. IPv6 sockaddr_in6</A
 ></H4
 ><P
@@ -14594,7 +14880,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN2971"
+NAME="AEN3015"
 >23.1.1.3. Generic Addresses</A
 ></H4
 ><P
@@ -14668,7 +14954,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN2979"
+NAME="AEN3023"
 >23.1.2. Lookup Functions</A
 ></H3
 ><P
@@ -14777,7 +15063,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3002"
+NAME="AEN3046"
 >23.1.3. Quirks Encountered</A
 ></H3
 ><P
@@ -14787,7 +15073,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3005"
+NAME="AEN3049"
 >23.1.3.1. IPv4 Mapped Addresses</A
 ></H4
 ><P
@@ -14819,7 +15105,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3012"
+NAME="AEN3056"
 >23.1.3.2. Cannot Specify the Scope Identifier in /etc/hosts</A
 ></H4
 ><P
@@ -14850,7 +15136,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3017"
+NAME="AEN3061"
 >23.1.3.3. Client &#38; Server Residing on the Same Machine</A
 ></H4
 ><P
@@ -14862,7 +15148,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3020"
+NAME="AEN3064"
 >23.1.4. Putting It All Together (A Client-Server Programming Example)</A
 ></H3
 ><P
@@ -14870,7 +15156,7 @@ NAME="AEN3020"
 >Porting applications to IPv6 HowTo</EM
 >. For the record, the source code presented here is original, developed from scratch, and any similarity between it and any other publicly available 'daytime' example is purely coincidental.]. The source code presented in this section was developed and tested on a RedHat Linux release using the 2.6 kernel (2.6.9 to be specific). Readers may use the source code freely, so long as proper credit is attributed; but of course the standard disclaimer must be given first: </P
 ><A
-NAME="AEN3024"
+NAME="AEN3068"
 ></A
 ><BLOCKQUOTE
 CLASS="BLOCKQUOTE"
@@ -14884,7 +15170,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3027"
+NAME="AEN3071"
 >23.1.4.1. 'Daytime' Server Code</A
 ></H4
 ><P
@@ -15743,7 +16029,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3045"
+NAME="AEN3089"
 >23.1.4.2. 'Daytime' TCP Client Code</A
 ></H4
 ><P
@@ -16284,7 +16570,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3071"
+NAME="AEN3115"
 >23.1.4.3. 'Daytime' UDP Client Code</A
 ></H4
 ><P
@@ -16825,7 +17111,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN3097"
+NAME="AEN3141"
 >23.2. Other programming languages</A
 ></H2
 ><DIV
@@ -16833,7 +17119,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3099"
+NAME="AEN3143"
 >23.2.1. JAVA</A
 ></H3
 ><P
@@ -16858,7 +17144,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3106"
+NAME="AEN3150"
 >23.2.2. Perl</A
 ></H3
 ><P
@@ -16922,7 +17208,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3124"
+NAME="AEN3168"
 >25.1.1. Printed Books (English)</A
 ></H3
 ><DIV
@@ -16930,7 +17216,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3126"
+NAME="AEN3170"
 >25.1.1.1. Cisco</A
 ></H4
 ><P
@@ -16952,7 +17238,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3133"
+NAME="AEN3177"
 >25.1.1.2. General</A
 ></H4
 ><P
@@ -17049,7 +17335,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3167"
+NAME="AEN3211"
 >25.1.2. Articles, eBooks, Online Reviews (mixed)</A
 ></H3
 ><P
@@ -17165,7 +17451,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3205"
+NAME="AEN3249"
 >25.1.4. Others</A
 ></H3
 ><P
@@ -17191,7 +17477,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3212"
+NAME="AEN3256"
 >25.2.1. 2004</A
 ></H3
 ><P
@@ -17440,7 +17726,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3287"
+NAME="AEN3331"
 >25.3.2. Latest news and URLs to other documents</A
 ></H3
 ><P
@@ -17469,7 +17755,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3296"
+NAME="AEN3340"
 >25.3.3. Protocol references</A
 ></H3
 ><DIV
@@ -17477,7 +17763,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3298"
+NAME="AEN3342"
 >25.3.3.1. IPv6-related Request For Comments (RFCs)</A
 ></H4
 ><P
@@ -17512,7 +17798,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3309"
+NAME="AEN3353"
 >25.3.3.2. Current drafts of working groups</A
 ></H4
 ><P
@@ -17583,7 +17869,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3334"
+NAME="AEN3378"
 >25.3.3.3. Others</A
 ></H4
 ><P
@@ -17605,7 +17891,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3340"
+NAME="AEN3384"
 >25.3.4. More information</A
 ></H3
 ><P
@@ -17619,7 +17905,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3344"
+NAME="AEN3388"
 >25.3.4.1. Linux related</A
 ></H4
 ><P
@@ -17704,7 +17990,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3372"
+NAME="AEN3416"
 >25.3.4.2. Linux related per distribution</A
 ></H4
 ><P
@@ -17794,7 +18080,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3409"
+NAME="AEN3453"
 >25.3.4.3. General</A
 ></H4
 ><P
@@ -17974,22 +18260,18 @@ NAME="INFORMATION-MARKETRESEARCH"
 ><LI
 ><P
 ><A
-HREF="http://www.seminarinformation.com/wconnect/wc.dll?sis~details0~307~TSN"
+HREF="http://www.statista.com/search/internet+america/"
 TARGET="_top"
->A Tale of Two Wireless Technology Trends: Processor Development Outsourcing and IPv6</A
->Yankee Group - 4/1/2002 - 12 Pages - ID: YANL768881</P
+>statista - The Statistics Portal</A
+></P
 ></LI
 ><LI
 ><P
 ><A
-HREF="http://www.marketresearch.com/product/display.asp?SID=88602378-241489274-186851952&#38;ProductID=803907"
+HREF="http://www.marketresearch.com/"
 TARGET="_top"
->The World Atlas of the Internet: Americas</A
->; IDATE - 2/1/2002 - 242 PAges - ID: IDT803907. Countries covered: Central America, North America, South America; List: Price: $ 3,500.00; excerpt: Panorama of Internet access markets across the globe. Market assessment and forecasts up to 2006 for 34 countries: market structure: main ISPs and market shares; number of subscribers, of ISPs.</P
-></LI
-><LI
-><P
->Early Interest Rising for IPv6 by IDC (Author); List Price:   $1,500.00; Edition: e-book (Acrobat Reader); Publisher: IDC; ISBN B000065T8E; (March 1, 2002) </P
+>Market Research</A
+></P
 ></LI
 ></UL
 ></DIV
@@ -18030,7 +18312,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3490"
+NAME="AEN3532"
 >25.3.5. By countries</A
 ></H3
 ><DIV
@@ -18038,7 +18320,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3492"
+NAME="AEN3534"
 >25.3.5.1. Europe</A
 ></H4
 ><P
@@ -18067,7 +18349,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3501"
+NAME="AEN3543"
 >25.3.5.2. Austria</A
 ></H4
 ><P
@@ -18088,7 +18370,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3507"
+NAME="AEN3549"
 >25.3.5.3. Australia</A
 ></H4
 ><P
@@ -18109,7 +18391,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3513"
+NAME="AEN3555"
 >25.3.5.4. Belgium</A
 ></H4
 ><P
@@ -18120,7 +18402,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3516"
+NAME="AEN3558"
 >25.3.5.5. Brasil</A
 ></H4
 ><P
@@ -18141,7 +18423,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3522"
+NAME="AEN3564"
 >25.3.5.6. China</A
 ></H4
 ><P
@@ -18152,7 +18434,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3525"
+NAME="AEN3567"
 >25.3.5.7. Czech</A
 ></H4
 ><P
@@ -18163,7 +18445,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3528"
+NAME="AEN3570"
 >25.3.5.8. Germany</A
 ></H4
 ><P
@@ -18184,7 +18466,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3534"
+NAME="AEN3576"
 >25.3.5.9. France</A
 ></H4
 ><P
@@ -18221,7 +18503,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3546"
+NAME="AEN3588"
 >25.3.5.10. Italy</A
 ></H4
 ><P
@@ -18242,7 +18524,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3552"
+NAME="AEN3594"
 >25.3.5.11. Japan</A
 ></H4
 ><P
@@ -18263,7 +18545,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3558"
+NAME="AEN3600"
 >25.3.5.12. Korea</A
 ></H4
 ><P
@@ -18292,7 +18574,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3567"
+NAME="AEN3609"
 >25.3.5.13. Mexico</A
 ></H4
 ><P
@@ -18313,7 +18595,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3573"
+NAME="AEN3615"
 >25.3.5.14. Netherland</A
 ></H4
 ><P
@@ -18354,7 +18636,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3586"
+NAME="AEN3628"
 >25.3.5.15. Portugal</A
 ></H4
 ><P
@@ -18365,7 +18647,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3589"
+NAME="AEN3631"
 >25.3.5.16. Russia</A
 ></H4
 ><P
@@ -18386,7 +18668,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3595"
+NAME="AEN3637"
 >25.3.5.17. Switzerland</A
 ></H4
 ><P
@@ -18397,7 +18679,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3598"
+NAME="AEN3640"
 >25.3.5.18. United Kingdom</A
 ></H4
 ><P
@@ -18419,7 +18701,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3604"
+NAME="AEN3646"
 >25.3.6. By operating systems</A
 ></H3
 ><DIV
@@ -18427,7 +18709,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3606"
+NAME="AEN3648"
 >25.3.6.1. *BSD</A
 ></H4
 ><P
@@ -18464,7 +18746,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3618"
+NAME="AEN3660"
 >25.3.6.2. Cisco IOS</A
 ></H4
 ><P
@@ -18501,7 +18783,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3630"
+NAME="AEN3672"
 >25.3.6.3. HPUX</A
 ></H4
 ><P
@@ -18522,7 +18804,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3636"
+NAME="AEN3678"
 >25.3.6.4. IBM</A
 ></H4
 ><P
@@ -18543,7 +18825,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3642"
+NAME="AEN3684"
 >25.3.6.5. Microsoft</A
 ></H4
 ><P
@@ -18620,7 +18902,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3669"
+NAME="AEN3711"
 >25.3.6.6. Solaris</A
 ></H4
 ><P
@@ -18649,7 +18931,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3678"
+NAME="AEN3720"
 >25.3.6.7. Sumitoma</A
 ></H4
 ><P
@@ -18670,7 +18952,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3684"
+NAME="AEN3726"
 >25.3.6.8. ZebOS</A
 ></H4
 ><P
@@ -18737,7 +19019,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3705"
+NAME="AEN3747"
 >25.3.8. Application lists</A
 ></H3
 ><P
@@ -18785,7 +19067,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3721"
+NAME="AEN3763"
 >25.3.8.1. Analyzer tools</A
 ></H4
 ><P
@@ -18816,7 +19098,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3731"
+NAME="AEN3773"
 >25.3.8.2. IPv6 Products</A
 ></H4
 ><P
@@ -18916,7 +19198,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN3764"
+NAME="AEN3806"
 >25.4. IPv6 Infrastructure</A
 ></H2
 ><DIV
@@ -18924,7 +19206,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3766"
+NAME="AEN3808"
 >25.4.1. Statistics</A
 ></H3
 ><P
@@ -18957,7 +19239,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN3776"
+NAME="AEN3818"
 >25.4.2. Internet Exchanges</A
 ></H3
 ><P
@@ -19593,7 +19875,7 @@ CLASS="SECT3"
 ><HR><H4
 CLASS="SECT3"
 ><A
-NAME="AEN3957"
+NAME="AEN3999"
 >25.4.4.4. Radio Stations, Music Streams</A
 ></H4
 ><P
@@ -19653,7 +19935,7 @@ CLASS="INFORMALTABLE"
 ><P
 ></P
 ><A
-NAME="AEN3975"
+NAME="AEN4017"
 ></A
 ><TABLE
 BORDER="1"
@@ -20056,7 +20338,7 @@ CLASS="SECT2"
 ><H3
 CLASS="SECT2"
 ><A
-NAME="AEN4090"
+NAME="AEN4132"
 >25.6.1. Testing tools</A
 ></H3
 ><P
@@ -20093,7 +20375,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN4102"
+NAME="AEN4144"
 >25.6.2. Information retrievement</A
 ></H3
 ><P
@@ -20114,7 +20396,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN4108"
+NAME="AEN4150"
 >25.6.3. IPv6 Looking Glasses</A
 ></H3
 ><P
@@ -20135,7 +20417,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN4114"
+NAME="AEN4156"
 >25.6.4. Helper applications</A
 ></H3
 ><P
@@ -20225,7 +20507,7 @@ Publisher: MarketResearch.com; ISBN B00006334Y; (November 1, 2001) </P
 CLASS="CHAPTER"
 ><HR><H1
 ><A
-NAME="AEN4141"
+NAME="AEN4183"
 ></A
 >Chapter 26. Revision history / Credits / The End</H1
 ><DIV
@@ -20245,7 +20527,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN4147"
+NAME="AEN4189"
 >26.1.1. Releases 0.x</A
 ></H3
 ><P
@@ -20257,7 +20539,7 @@ CLASS="VARIABLELIST"
 >0.66</DT
 ><DD
 ><P
->2010-04-20/PB: extend QoS section with examples, 20130513/PB: add IPv6 NAT hints, 20130521/PB: review dhcpd, 20131019/bie: general review</P
+>2010-04-20/PB: extend QoS section with examples, 20130513/PB: add IPv6 NAT hints, 20130521/PB: review dhcpd, 20131019/bie: general review, 20140502/bie: add hints for nftables</P
 ></DD
 ><DT
 >0.65</DT
@@ -20940,7 +21222,7 @@ CLASS="SECT2"
 ><HR><H3
 CLASS="SECT2"
 ><A
-NAME="AEN4584"
+NAME="AEN4626"
 >26.2.2. Other credits</A
 ></H3
 ><DIV
@@ -20948,7 +21230,7 @@ CLASS="SECT3"
 ><H4
 CLASS="SECT3"
 ><A
-NAME="AEN4586"
+NAME="AEN4628"
 >26.2.2.1. Document technique related</A
 ></H4
 ><P
@@ -21152,7 +21434,7 @@ CLASS="SECT1"
 ><HR><H2
 CLASS="SECT1"
 ><A
-NAME="AEN4678"
+NAME="AEN4720"
 >26.3. The End</A
 ></H2
 ><P
diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.lyx b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.lyx
index db8e0e9b..eb85710e 100644
--- a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.lyx
+++ b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.lyx
@@ -1,5 +1,5 @@
-#LyX 2.0 created this file. For more info see http://www.lyx.org/
-\lyxformat 413
+#LyX 2.1 created this file. For more info see http://www.lyx.org/
+\lyxformat 474
 \begin_document
 \begin_header
 \textclass docbook-book
@@ -15,13 +15,13 @@
 \font_roman default
 \font_sans default
 \font_typewriter default
+\font_math auto
 \font_default_family default
 \use_non_tex_fonts false
 \font_sc false
 \font_osf false
 \font_sf_scale 100
 \font_tt_scale 100
-
 \graphics default
 \default_output_format default
 \output_sync 0
@@ -32,15 +32,24 @@
 \use_hyperref false
 \papersize default
 \use_geometry false
-\use_amsmath 1
-\use_esint 0
-\use_mhchem 1
-\use_mathdots 1
+\use_package amsmath 1
+\use_package amssymb 1
+\use_package cancel 0
+\use_package esint 0
+\use_package mathdots 1
+\use_package mathtools 0
+\use_package mhchem 1
+\use_package stackrel 0
+\use_package stmaryrd 0
+\use_package undertilde 0
 \cite_engine basic
+\cite_engine_type default
+\biblio_style plain
 \use_bibtopic false
 \use_indices false
 \paperorientation portrait
 \suppress_date false
+\justification true
 \use_refstyle 0
 \index Index
 \shortcut idx
@@ -102,7 +111,7 @@ status open
 
 \begin_layout Plain Layout
 
-<revision> <revnumber>0.66wip</revnumber> <date>2013-11-12</date> <authorinitials
+<revision> <revnumber>0.66wip</revnumber> <date>2014-05-02</date> <authorinitials
 >PB</authorinitials></revision>
 \end_layout
 
@@ -255,7 +264,7 @@ Copyright
 \end_layout
 
 \begin_layout Standard
-Written and Copyright (C) 2001-2013 by Peter Bieringer
+Written and Copyright (C) 2001-2014 by Peter Bieringer
 \end_layout
 
 \begin_layout Subsection
@@ -288,7 +297,7 @@ Copyright
 \lang ngerman
 ©
 \lang english
- 2001-2013 Peter Bieringer 
+ 2001-2014 Peter Bieringer 
 \begin_inset Newline newline
 \end_inset
 
@@ -10174,8 +10183,17 @@ reference "IPv6-security-auditing"
 \end_layout
 
 \begin_layout Standard
-Since kernel version 2.6.20 IPv6 connection tracking is fully working (and
- does not break IPv4 NAT anymore like versions before)
+Since kernel version 2.6.20 (February 2007) IPv6 connection tracking is fully
+ working (and does not break IPv4 NAT anymore like versions before)
+\end_layout
+
+\begin_layout Standard
+Since kernel version 3.9.0 (April 2013) NAT for IPv6 is supported with ip6tables
+ >= 1.4.18
+\end_layout
+
+\begin_layout Standard
+Since kernel version 3.13 (April 2014) new framework introduced named: nftables
 \end_layout
 
 \begin_layout Subsection
@@ -10560,7 +10578,7 @@ Perhaps it's necessary to create a softlink for iptables libraries where
 \end_layout
 
 \begin_layout Section
-Usage
+Usage of ip6tables
 \end_layout
 
 \begin_layout Subsection
@@ -11624,6 +11642,277 @@ A dedicated specified port can be forwarded to an internal system, e.g.
 nation [fec0::1234]:80
 \end_layout
 
+\begin_layout Section
+Firewalling using nftables
+\end_layout
+
+\begin_layout Standard
+nftables adds support for a IPv4/IPv6 aware table named 
+\begin_inset Quotes sld
+\end_inset
+
+inet
+\begin_inset Quotes srd
+\end_inset
+
+, here only one rule matches both protocols
+\end_layout
+
+\begin_layout Subsection
+Preparation for nftables usage
+\end_layout
+
+\begin_layout Standard
+Install a Linux distribution which has nftables support already included.
+ At time of writing (May 2014) at least Fedora Rawhide (upcoming version
+ 21) has support in conjunction with nftables version 0.2.0.
+\end_layout
+
+\begin_layout Subsection
+Basic nftables configuration
+\end_layout
+
+\begin_layout Standard
+Load kernel modules
+\end_layout
+
+\begin_layout Code
+# modprobe nf_tables
+\end_layout
+
+\begin_layout Code
+# modprobe nf_tables_ipv4
+\end_layout
+
+\begin_layout Code
+# modprobe nf_tables_ipv6
+\end_layout
+
+\begin_layout Code
+# modprobe nf_tables_inet 
+\end_layout
+
+\begin_layout Standard
+Create filter tables
+\end_layout
+
+\begin_layout Code
+# nft add table ip   filter
+\end_layout
+
+\begin_layout Code
+# nft add table ip6  filter
+\end_layout
+
+\begin_layout Code
+# nft add table inet filter 
+\end_layout
+
+\begin_layout Standard
+Create input chain in each filter table
+\end_layout
+
+\begin_layout Code
+# nft add chain ip   filter input { type filter hook input priority 1 
+\backslash
+; }
+\end_layout
+
+\begin_layout Code
+# nft add chain ip6  filter input { type filter hook input priority 1 
+\backslash
+; } 
+\end_layout
+
+\begin_layout Code
+# nft add chain inet filter input { type filter hook input priority 0 
+\backslash
+; }
+\end_layout
+
+\begin_layout Subsection
+Simple filter policy with nftables
+\end_layout
+
+\begin_layout Subsubsection
+Configuration
+\end_layout
+
+\begin_layout Standard
+Allow packets which are related to existing connection tracking entries
+\end_layout
+
+\begin_layout Code
+# nft add rule inet filter input ct state established,related counter accept
+ 
+\end_layout
+
+\begin_layout Standard
+Allow IPv4 and IPv6 ICMP echo-request (aka ping)
+\end_layout
+
+\begin_layout Code
+# nft add rule ip filter input icmp type { echo-request } counter accept
+ 
+\end_layout
+
+\begin_layout Code
+# nft add rule ip6 filter input icmpv6 type echo-request counter accept
+ 
+\end_layout
+
+\begin_layout Standard
+Allow some important IPv6 ICMP traffic, without counter, but checking hop-limit
+ for security
+\end_layout
+
+\begin_layout Code
+# nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-adv
+ert, nd-neighbor-advert } ip6 hoplimit 1 accept # nft add rule ip6 filter
+ input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert
+ } ip6 hoplimit 255 accept
+\end_layout
+
+\begin_layout Standard
+Allow incoming SSH for IPv4 and IPv6, using therefore the IP version aware
+ table 
+\begin_inset Quotes sld
+\end_inset
+
+inet
+\begin_inset Quotes srd
+\end_inset
+
+
+\end_layout
+
+\begin_layout Code
+# nft add rule inet filter input tcp dport 22 ct state new tcp flags 
+\backslash
+& 
+\backslash
+(syn 
+\backslash
+| ack
+\backslash
+) == syn counter accept
+\end_layout
+
+\begin_layout Subsubsection
+Result
+\end_layout
+
+\begin_layout Standard
+Table for IPv4 filter
+\end_layout
+
+\begin_layout Code
+# nft list table ip filter
+\end_layout
+
+\begin_layout Code
+table ip filter {
+\end_layout
+
+\begin_layout Code
+	chain input {
+\end_layout
+
+\begin_layout Code
+		 type filter hook input priority 1;
+\end_layout
+
+\begin_layout Code
+		 icmp type { echo-request} counter packets 0 bytes 0 accept
+\end_layout
+
+\begin_layout Code
+	}
+\end_layout
+
+\begin_layout Code
+}
+\end_layout
+
+\begin_layout Standard
+Table for IPv6 filter
+\end_layout
+
+\begin_layout Code
+# nft list table ip6 filter
+\end_layout
+
+\begin_layout Code
+table ip6 filter {
+\end_layout
+
+\begin_layout Code
+	chain input {
+\end_layout
+
+\begin_layout Code
+		 type filter hook input priority 1;
+\end_layout
+
+\begin_layout Code
+		 icmpv6 type echo-request counter packets 0 bytes 0 accept
+\end_layout
+
+\begin_layout Code
+		 ip6 hoplimit 1 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit,
+ nd-router-advert} accept
+\end_layout
+
+\begin_layout Code
+		 ip6 hoplimit 255 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit,
+ nd-router-advert} accept
+\end_layout
+
+\begin_layout Code
+	}
+\end_layout
+
+\begin_layout Code
+}
+\end_layout
+
+\begin_layout Standard
+Table for IP version aware filter
+\end_layout
+
+\begin_layout Code
+# nft list table inet filter
+\end_layout
+
+\begin_layout Code
+table inet filter {
+\end_layout
+
+\begin_layout Code
+	chain input {
+\end_layout
+
+\begin_layout Code
+		 type filter hook input priority 0;
+\end_layout
+
+\begin_layout Code
+		 ct state established,related counter packets 44 bytes 2288 accept
+\end_layout
+
+\begin_layout Code
+		 tcp dport ssh ct state new tcp flags & (syn | ack) == syn counter packets
+ 0 bytes 0 accept
+\end_layout
+
+\begin_layout Code
+	}
+\end_layout
+
+\begin_layout Code
+} 
+\end_layout
+
 \begin_layout Chapter
 \begin_inset CommandInset label
 LatexCommand label
@@ -27849,7 +28138,7 @@ Major Mailinglists are listed in following table:
 \begin_layout Standard
 \begin_inset Tabular
 <lyxtabular version="3" rows="8" columns="6">
-<features tabularvalignment="middle">
+<features rotate="0" tabularvalignment="middle">
 <column alignment="center" valignment="top" width="0pt">
 <column alignment="center" valignment="top" width="0pt">
 <column alignment="center" valignment="top" width="0pt">
@@ -28825,7 +29114,8 @@ Releases 0.x
 
 \begin_layout Description
 0.66 2010-04-20/PB: extend QoS section with examples, 20130513/PB: add IPv6
- NAT hints, 20130521/PB: review dhcpd, 20131019/bie: general review
+ NAT hints, 20130521/PB: review dhcpd, 20131019/bie: general review, 20140502/bi
+e: add hints for nftables
 \end_layout
 
 \begin_layout Description
diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.pdf b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.pdf
index d72edd5a..511ae16f 100644
Binary files a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.pdf and b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.pdf differ
diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.sgml b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.sgml
index 126cdc0c..1bed3dca 100644
--- a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.sgml
+++ b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.sgml
@@ -6,14 +6,14 @@
 <!ENTITY % output.print.bmp "IGNORE">
  ]>
 
-<!-- SGML file was created by LyX 2.0.6
+<!-- SGML file was created by LyX 2.1.0
   See http://www.lyx.org/ for more information -->
 <book lang="en">
 <bookinfo>
 <title>Linux IPv6 HOWTO (en)</title>
 <author><firstname>Peter</firstname><surname>Bieringer</surname><affiliation><address>pb at bieringer dot de</address></affiliation></author>
 <revhistory> 
-<revision> <revnumber>0.66wip</revnumber> <date>2013-11-12</date> <authorinitials>PB</authorinitials></revision>
+<revision> <revnumber>0.66wip</revnumber> <date>2014-05-02</date> <authorinitials>PB</authorinitials></revision>
 <revision> <revnumber>0.65</revnumber> <date>2009-12-13</date> <authorinitials>PB</authorinitials></revision>
 <revision> <revnumber>0.64</revnumber> <date>2009-06-11</date> <authorinitials>PB</authorinitials></revision>
 <revision> <revnumber>0.60</revnumber> <date>2007-05-31</date> <authorinitials>PB</authorinitials></revision>
@@ -26,13 +26,13 @@
 <title><!-- anchor id="general-copright" -->Copyright, license and others</title>
 <sect2>
 <title>Copyright</title>
-<para>Written and Copyright (C) 2001-2013 by Peter Bieringer</para></sect2><sect2>
+<para>Written and Copyright (C) 2001-2014 by Peter Bieringer</para></sect2><sect2>
 <title>License</title>
 <para>This Linux IPv6 HOWTO is published under GNU GPL version 2:
 </para>
 <para>The Linux IPv6 HOWTO, a guide how to configure and use IPv6 on Linux systems. 
 </para>
-<para>Copyright © 2001-2013 Peter Bieringer 
+<para>Copyright © 2001-2014 Peter Bieringer 
 </para>
 <para>This documentation is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. </para>
 <para>This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. </para>
@@ -1631,7 +1631,9 @@ In versions 8.x they completly change their configuration setup. </para><sect2>
 <para>Native IPv6 firewalling is only supported in kernel versions 2.4+. In older 2.2- you can only filter IPv6-in-IPv4 by protocol 41. </para>
 <para>Attention: no warranty that described rules or examples can really protect your system! </para>
 <para>Audit your ruleset after installation, see <xref linkend="IPv6-security-auditing"> for more.</para>
-<para>Since kernel version 2.6.20 IPv6 connection tracking is fully working (and does not break IPv4 NAT anymore like versions before)</para><sect2>
+<para>Since kernel version 2.6.20 (February 2007) IPv6 connection tracking is fully working (and does not break IPv4 NAT anymore like versions before)</para>
+<para>Since kernel version 3.9.0 (April 2013) NAT for IPv6 is supported with ip6tables &gt;= 1.4.18</para>
+<para>Since kernel version 3.13 (April 2014) new framework introduced named: nftables</para><sect2>
 <title>More information</title>
 <itemizedlist>
 <listitem><para><ulink url="http://www.netfilter.org/">Netfilter project</ulink></para></listitem><listitem><para><ulink url="https://lists.netfilter.org/mailman/listinfo/netfilter">maillist archive of netfilter users</ulink></para></listitem><listitem><para><ulink url="https://lists.netfilter.org/mailman/listinfo/netfilter-devel">maillist archive of netfilter developers</ulink></para></listitem><listitem><para><ulink url="http://www.bieringer.de/linux/IPv6/status/IPv6+Linux-status-kernel.html#netfilter6 ">Unofficial status informations</ulink></para></listitem></itemizedlist></sect2></sect1><sect1>
@@ -1710,7 +1712,7 @@ Extensions found: IPv6:owner IPv6:limit IPv6:mac IPv6:multiport
 ]]></screen><para>Perhaps it's necessary to create a softlink for iptables libraries where iptables looks for them </para><screen>
 <![CDATA[# ln -s /lib/iptables/ /usr/lib/iptables 
 ]]></screen></sect2></sect1><sect1>
-<title>Usage</title>
+<title>Usage of ip6tables</title>
 <sect2>
 <title>Check for support</title>
 <para>Load module, if so compiled </para><screen>
@@ -1979,7 +1981,68 @@ Chain intOUT (1 references)
 <title>IPv6 Port Forwarding</title>
 <para>A dedicated specified port can be forwarded to an internal system, e.g.</para><screen>
 <![CDATA[# ip6tables -t nat -A PREROUTING -i sixxs -p tcp --dport 8080 -j DNAT --to-destination [fec0::1234]:80
-]]></screen></sect2></sect1></chapter><chapter id='chapter-security' >
+]]></screen></sect2></sect1><sect1>
+<title>Firewalling using nftables</title>
+<para>nftables adds support for a IPv4/IPv6 aware table named &ldquo;inet&rdquo;, here only one rule matches both protocols</para><sect2>
+<title>Preparation for nftables usage</title>
+<para>Install a Linux distribution which has nftables support already included. At time of writing (May 2014) at least Fedora Rawhide (upcoming version 21) has support in conjunction with nftables version 0.2.0.</para></sect2><sect2>
+<title>Basic nftables configuration</title>
+<para>Load kernel modules</para><screen>
+<![CDATA[# modprobe nf_tables
+# modprobe nf_tables_ipv4
+# modprobe nf_tables_ipv6
+# modprobe nf_tables_inet 
+]]></screen><para>Create filter tables</para><screen>
+<![CDATA[# nft add table ip   filter
+# nft add table ip6  filter
+# nft add table inet filter 
+]]></screen><para>Create input chain in each filter table</para><screen>
+<![CDATA[# nft add chain ip   filter input { type filter hook input priority 1 \; }
+# nft add chain ip6  filter input { type filter hook input priority 1 \; } 
+# nft add chain inet filter input { type filter hook input priority 0 \; }
+]]></screen></sect2><sect2>
+<title>Simple filter policy with nftables</title>
+<sect3>
+<title>Configuration</title>
+<para>Allow packets which are related to existing connection tracking entries</para><screen>
+<![CDATA[# nft add rule inet filter input ct state established,related counter accept 
+]]></screen><para>Allow IPv4 and IPv6 ICMP echo-request (aka ping)</para><screen>
+<![CDATA[# nft add rule ip filter input icmp type { echo-request } counter accept 
+# nft add rule ip6 filter input icmpv6 type echo-request counter accept 
+]]></screen><para>Allow some important IPv6 ICMP traffic, without counter, but checking hop-limit for security</para><screen>
+<![CDATA[# nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 1 accept # nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 255 accept
+]]></screen><para>Allow incoming SSH for IPv4 and IPv6, using therefore the IP version aware table &ldquo;inet&rdquo;</para><screen>
+<![CDATA[# nft add rule inet filter input tcp dport 22 ct state new tcp flags \& \(syn \| ack\) == syn counter accept
+]]></screen></sect3><sect3>
+<title>Result</title>
+<para>Table for IPv4 filter</para><screen>
+<![CDATA[# nft list table ip filter
+table ip filter {
+	chain input {
+		 type filter hook input priority 1;
+		 icmp type { echo-request} counter packets 0 bytes 0 accept
+	}
+}
+]]></screen><para>Table for IPv6 filter</para><screen>
+<![CDATA[# nft list table ip6 filter
+table ip6 filter {
+	chain input {
+		 type filter hook input priority 1;
+		 icmpv6 type echo-request counter packets 0 bytes 0 accept
+		 ip6 hoplimit 1 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+		 ip6 hoplimit 255 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+	}
+}
+]]></screen><para>Table for IP version aware filter</para><screen>
+<![CDATA[# nft list table inet filter
+table inet filter {
+	chain input {
+		 type filter hook input priority 0;
+		 ct state established,related counter packets 44 bytes 2288 accept
+		 tcp dport ssh ct state new tcp flags & (syn | ack) == syn counter packets 0 bytes 0 accept
+	}
+} 
+]]></screen></sect3></sect2></sect1></chapter><chapter id='chapter-security' >
 <title><!-- anchor id="chapter-security" -->Security</title>
 <sect1>
 <title>Node security</title>
@@ -5033,7 +5096,7 @@ Publisher: MarketResearch.com; ISBN B00006334Y; (November 1, 2001)
 <para>Versions x.y.z are work-in-progress and published as LyX and SGML file on CVS. Because Deep Space 6 mirrors these SGML files and generate independend from TLDP public versions, this versions will show up there and also on its mirrors.</para><sect2>
 <title>Releases 0.x</title>
 <variablelist>
-<varlistentry><term>0.66</term><listitem><para>2010-04-20/PB: extend QoS section with examples, 20130513/PB: add IPv6 NAT hints, 20130521/PB: review dhcpd, 20131019/bie: general review</para></listitem></varlistentry><varlistentry><term>0.65</term><listitem><para>2009-12-13/PB: minor fixes</para></listitem></varlistentry><varlistentry><term>0.64</term><listitem><para>2009-06-11/PB: extend DHCP server examples (ISC DHCP, Dibbler)</para></listitem></varlistentry><varlistentry><term>0.63</term><listitem><para>2009-02-14/PB: Fix FSF address, major update on 4in6 tunnels, add new section for address resolving, add some URLs, remove broken URLs</para></listitem></varlistentry><varlistentry><term>0.62</term><listitem><para>2008-11-09/PB: Adjust URL to Turkish howto, add some HIP related URLs, remove broken URLs</para></listitem></varlistentry><varlistentry><term>0.61.1</term><listitem><para>2007-11-11/PB: fix broken description of shortcut BIND</para></listitem></varlistentry><varlistentry><term>0.61</term><listitem><para>2007-10-06/PB: fix broken URLs to TLDP-CVS, minor URL update.</para></listitem></varlistentry><varlistentry><term>0.60.2</term><listitem><para>2007-10-03/PB: fix description of sysctl/autoconf (credits to Francois-Xavier Le Bail)</para></listitem></varlistentry><varlistentry><term>0.60.1</term><listitem><para>2007-06-16/PB: speling fixes (credits to Larry W. Burton)</para></listitem></varlistentry><varlistentry><term>0.60</term><listitem><para>2007-05-29/PB: import major contribution to Programming using C-API written by John Wenker, minor fixes</para></listitem></varlistentry><varlistentry><term>0.52</term><listitem><para>2007-05-23/PB: update firewalling chapter, improve document for proper SGML validation, minor bugfixes</para></listitem></varlistentry><varlistentry><term>0.51</term><listitem><para>2006-11-08/PB: remove broken URLs, add a new book (credits to Bryan Vukich)</para></listitem></varlistentry><varlistentry><term>0.50.2</term><listitem><para>2006-10-25/PB: fix typo in dhcp6 section (credits to Michele Ferritto)</para></listitem></varlistentry><varlistentry><term>0.50.1</term><listitem><para>2006-09-23/PB: add some URLs</para></listitem></varlistentry><varlistentry><term>0.50</term><listitem><para>2006-08-24/PB: check RFC URLs, fix URL to Chinese translation, finalize for publishing</para></listitem></varlistentry><varlistentry><term>0.49.5</term><listitem><para>2006-08-23/PB: fix/remove broken URLs</para></listitem></varlistentry><varlistentry><term>0.49.4</term><listitem><para>2006-08-21/PB: some review, update and enhancement of the content, replace old 6bone example addresses with the current defined ones.</para></listitem></varlistentry><varlistentry><term>0.49.3</term><listitem><para>2006-08-20/PB: fix bug in maillist entries, 'mobility' is now a separate chapter</para></listitem></varlistentry><varlistentry><term>0.49.2</term><listitem><para>2006-08-20/PB: update and cleanup of maillist entries</para></listitem></varlistentry><varlistentry><term>0.49.1</term><listitem><para>2006-06-13/PB: major update of mobility section (contributed by Benjamin Thery)</para></listitem></varlistentry><varlistentry><term>0.49</term><listitem><para>2005-10-03/PB: add configuration hints for DHCPv6, major broken URL cleanup (credits to Necdet Yucel)</para></listitem></varlistentry><varlistentry><term>0.48.1</term><listitem><para>2005-01-15/PB: minor fixes</para></listitem></varlistentry><varlistentry><term>0.48</term><listitem><para>2005-01-11/PB: grammar check and minor review of IPv6 IPsec section</para></listitem></varlistentry><varlistentry><term>0.47.1</term><listitem><para>2005-01-01/PB: add information and examples about IPv6 IPsec, add some URLs</para></listitem></varlistentry><varlistentry><term>0.47</term><listitem><para>2004-08-30/PB: add some notes about proftpd, vsftpd and other daemons, add some URLs, minor fixes, update status of Spanish translation</para></listitem></varlistentry><varlistentry><term>0.46.4</term><listitem><para>2004-07-19/PB: minor fixes</para></listitem></varlistentry><varlistentry><term>0.46.3</term><listitem><para>2004-06-23/PB: add note about started Greek translation, replace Taiwanese with Chinese for related translation</para></listitem></varlistentry><varlistentry><term>0.46.2</term><listitem><para>2004-05-22/PB: minor fixes</para></listitem></varlistentry><varlistentry><term>0.46.1</term><listitem><para>2004-04-18/PB: minor fixes</para></listitem></varlistentry><varlistentry><term>0.46</term><listitem><para>2004-03-04/PB: announce Italian translation, add information about DHCPv6, minor updates</para></listitem></varlistentry><varlistentry><term>0.45.1</term><listitem><para>2004-01-12/PB: add note about the official example address space</para></listitem></varlistentry><varlistentry><term>0.45</term><listitem><para>2004-01-11/PB: minor fixes, add/fix some URLs, some extensions</para></listitem></varlistentry><varlistentry><term>0.44.2</term><listitem><para>2003-10-30/PB: fix some copy&amp;paste text bugs</para></listitem></varlistentry><varlistentry><term>0.44.1</term><listitem><para>2003-10-19/PB: add note about start of Italian translation</para></listitem></varlistentry><varlistentry><term>0.44</term><listitem><para>2003-08-15/PB: fix URLs, add hint on tcp_wrappers (about broken notation in some versions) and Apache2</para></listitem></varlistentry><varlistentry><term>0.43.4</term><listitem><para>2003-07-26/PB: fix URL, add archive URL for maillist users at ipv6.org, add some ds6 URLs</para></listitem></varlistentry><varlistentry><term>0.43.3</term><listitem><para>2003-06-19/PB: fix typos</para></listitem></varlistentry><varlistentry><term>0.43.2</term><listitem><para>2003-06-11/PB: fix URL</para></listitem></varlistentry><varlistentry><term>0.43.1</term><listitem><para>2003-06-07/PB: fix some URLs, fix credits, add some notes at IPsec</para></listitem></varlistentry><varlistentry><term>0.43</term><listitem><para>2003-06-05/PB: add some notes about configuration in SuSE Linux, add URL of French translation</para></listitem></varlistentry><varlistentry><term>0.42</term><listitem><para>2003-05-09/PB: minor fixes, announce French translation</para></listitem></varlistentry><varlistentry><term>0.41.4</term><listitem><para>2003-05-02/PB: Remove a broken URL, update some others.</para></listitem></varlistentry><varlistentry><term>0.41.3</term><listitem><para>2003-04-23/PB: Minor fixes, remove a broken URL, fix URL to Taiwanese translation</para></listitem></varlistentry><varlistentry><term>0.41.2</term><listitem><para>2003-04-13/PB: Fix some typos, add a note about a French translation is in progress</para></listitem></varlistentry><varlistentry><term>0.41.1</term><listitem><para>2003-03-31/PB: Remove a broken URL, fix another</para></listitem></varlistentry><varlistentry><term>0.41</term><listitem><para>2003-03-22/PB: Add URL of German translation</para></listitem></varlistentry><varlistentry><term>0.40.2</term><listitem><para>2003-02-27/PB: Fix a misaddressed URL</para></listitem></varlistentry><varlistentry><term>0.40.1</term><listitem><para>2003-02-12/PB: Add Debian-Linux-Configuration, add a minor note on translations</para></listitem></varlistentry><varlistentry><term>0.40</term><listitem><para>2003-02-10/PB: Announcing available German version</para></listitem></varlistentry><varlistentry><term>0.39.2</term><listitem><para>2003-02-10/GK: Minor syntax and spelling fixes</para></listitem></varlistentry><varlistentry><term>0.39.1</term><listitem><para>2003-01-09/PB: fix an URL (draft adopted to an RFC)</para></listitem></varlistentry><varlistentry><term>0.39</term><listitem><para>2003-01-13/PB: fix a bug (forgotten 'link&rdquo; on &ldquo;ip link set&rdquo; (credits to Yaniv Kaul)</para></listitem></varlistentry><varlistentry><term>0.38.1</term><listitem><para>2003-01-09/PB: a minor fix</para></listitem></varlistentry><varlistentry><term>0.38</term><listitem><para>2003-01-06/PB: minor fixes</para></listitem></varlistentry><varlistentry><term>0.37.1</term><listitem><para>2003-01-05/PB: minor updates</para></listitem></varlistentry><varlistentry><term>0.37</term><listitem><para>2002-12-31/GK: 270 new links added (searched in 1232 SearchEngines) in existing and 53 new (sub)sections</para></listitem></varlistentry><varlistentry><term>0.36.1</term><listitem><para>2002-12-20/PB: Minor fixes</para></listitem></varlistentry><varlistentry><term>0.36</term><listitem><para>2002-12-16/PB: Check of and fix broken links (credits to Georg Käfer), some spelling fixes</para></listitem></varlistentry><varlistentry><term>0.35</term><listitem><para>2002-12-11/PB: Some fixes and extensions</para></listitem></varlistentry><varlistentry><term>0.34.1</term><listitem><para>2002-11-25/PB: Some fixes (e.g. broken linuxdoc URLs)</para></listitem></varlistentry><varlistentry><term>0.34</term><listitem><para>2002-11-19/PB: Add information about German translation (work in progress), some fixes, create a small shortcut explanation list, extend &ldquo;used terms&rdquo; and add two German books</para></listitem></varlistentry><varlistentry><term>0.33</term><listitem><para>2002-11-18/PB: Fix broken RFC-URLs, add parameter ttl on 6to4 tunnel setup example</para></listitem></varlistentry><varlistentry><term>0.32</term><listitem><para>2002-11-03/PB: Add information about Taiwanese translation</para></listitem></varlistentry><varlistentry><term>0.31.1</term><listitem><para>2002-10-06/PB: Add another maillist</para></listitem></varlistentry><varlistentry><term>0.31</term><listitem><para>2002-09-29/PB: Extend information in proc-filesystem entries</para></listitem></varlistentry><varlistentry><term>0.30</term><listitem><para>2002-09-27/PB: Add some maillists</para></listitem></varlistentry><varlistentry><term>0.29</term><listitem><para>2002-09-18/PB: Update statement about nmap (triggered by Fyodor)</para></listitem></varlistentry><varlistentry><term>0.28.1</term><listitem><para>2002-09-16/PB: Add note about ping6 to multicast addresses, add some labels</para></listitem></varlistentry><varlistentry><term>0.28</term><listitem><para>2002-08-17/PB: Fix broken LDP/CVS links, add info about Polish translation, add URL of the IPv6 Address Oracle</para></listitem></varlistentry><varlistentry><term>0.27</term><listitem><para>2002-08-10/PB: Some minor updates</para></listitem></varlistentry><varlistentry><term>0.26.2</term><listitem><para>2002-07-15/PB: Add information neighbor discovery, split of firewalling (got some updates) and security into extra chapters</para></listitem></varlistentry><varlistentry><term>0.26.1</term><listitem><para>2002-07-13/PB: Update nmap/IPv6 information</para></listitem></varlistentry><varlistentry><term>0.26</term><listitem><para>2002-07-13/PB: Fill /proc-filesystem chapter, update DNS information about depricated A6/DNAME, change P-t-P tunnel setup to use of &ldquo;ip&rdquo; only</para></listitem></varlistentry><varlistentry><term>0.25.2</term><listitem><para>2002-07-11/PB: Minor spelling fixes</para></listitem></varlistentry><varlistentry><term>0.25.1</term><listitem><para>2002-06-23/PB: Minor spelling and other fixes</para></listitem></varlistentry><varlistentry><term>0.25</term><listitem><para>2002-05-16/PB: Cosmetic fix for 2^128, thanks to José Abílio Oliveira Matos for help with LyX</para></listitem></varlistentry><varlistentry><term>0.24</term><listitem><para>2002-05-02/PB: Add entries in URL list, minor spelling fixes</para></listitem></varlistentry><varlistentry><term>0.23</term><listitem><para>2002-03-27/PB: Add entries in URL list and at maillists, add a label and minor information about IPv6 on RHL</para></listitem></varlistentry><varlistentry><term>0.22</term><listitem><para>2002-03-04/PB: Add info about 6to4 support in kernel series 2.2.x and add an entry in URL list and at maillists</para></listitem></varlistentry><varlistentry><term>0.21</term><listitem><para>2002-02-26/PB: Migrate next grammar checks submitted by John Ronan </para></listitem></varlistentry><varlistentry><term>0.20.4</term><listitem><para>2002-02-21/PB: Migrate more grammar checks submitted by John Ronan, add some additional hints at DNS section </para></listitem></varlistentry><varlistentry><term>0.20.3</term><listitem><para>2002-02-12/PB: Migrate a minor grammar check patch submitted by John Ronan</para></listitem></varlistentry><varlistentry><term>0.20.2</term><listitem><para>2002-02-05/PB: Add mipl to maillist table</para></listitem></varlistentry><varlistentry><term>0.20.1</term><listitem><para>2002-01-31/PB: Add a hint how to generate 6to4 addresses</para></listitem></varlistentry><varlistentry><term>0.20</term><listitem><para>2002-01-30/PB: Add a hint about default route problem, some minor updates</para></listitem></varlistentry><varlistentry><term>0.19.2</term><listitem><para>2002-01-29/PB: Add many new URLs</para></listitem></varlistentry><varlistentry><term>0.19.1</term><listitem><para>2002-01-27/PB: Add some forgotten URLs</para></listitem></varlistentry><varlistentry><term>0.19</term><listitem><para>2002-01-25/PB: Add two German books, fix quote entinities in exported SGML code</para></listitem></varlistentry><varlistentry><term>0.18.2</term><listitem><para>2002-01-23/PB: Add a FAQ on the program chapter</para></listitem></varlistentry><varlistentry><term>0.18.1</term><listitem><para>2002-01-23/PB: Move &ldquo;the end&rdquo; to the end, add USAGI to maillists</para></listitem></varlistentry><varlistentry><term>0.18</term><listitem><para>2002-01-22/PB: Fix bugs in explanation of multicast address types</para></listitem></varlistentry><varlistentry><term>0.17.2</term><listitem><para>2002-01-22/PB: Cosmetic fix double existing text in history (at 0.16), move all credits to the end of the document</para></listitem></varlistentry><varlistentry><term>0.17.1</term><listitem><para>2002-01-20/PB: Add a reference, fix URL text in online-test-tools</para></listitem></varlistentry><varlistentry><term>0.17</term><listitem><para>2002-01-19/PB: Add some forgotten information and URLs about global IPv6 addresses</para></listitem></varlistentry><varlistentry><term>0.16</term><listitem><para>2002-01-19/PB: Minor fixes, remove &ldquo;bold&rdquo; and &ldquo;emphasize&rdquo; formats on code lines, fix &ldquo;too long unwrapped code lines&rdquo; using selfmade utility, extend list of URLs.</para></listitem></varlistentry><varlistentry><term>0.15</term><listitem><para>2002-01-15/PB: Fix bug in addresstype/anycast, move content related credits to end of document</para></listitem></varlistentry><varlistentry><term>0.14</term><listitem><para>2002-01-14/PB: Minor review at all, new chapter &ldquo;debugging&rdquo;, review &ldquo;addresses&rdquo;, spell checking, grammar checking (from beginning to 3.4.1) by Martin Krafft, add tcpdump examples, copy firewalling/netfilter6 from IPv6+Linux-HowTo, minor enhancements</para></listitem></varlistentry><varlistentry><term>0.13</term><listitem><para>2002-01-05/PB: Add example BIND9/host, move revision history to end of document, minor extensions</para></listitem></varlistentry><varlistentry><term>0.12</term><listitem><para>2002-01-03/PB: Merge review of David Ranch</para></listitem></varlistentry><varlistentry><term>0.11</term><listitem><para>2002-01-02/PB: Spell checking and merge review of Pekka Savola</para></listitem></varlistentry><varlistentry><term>0.10</term><listitem><para>2002-01-02/PB: First public release of chapter 1</para></listitem></varlistentry></variablelist></sect2></sect1><sect1 id='credits' >
+<varlistentry><term>0.66</term><listitem><para>2010-04-20/PB: extend QoS section with examples, 20130513/PB: add IPv6 NAT hints, 20130521/PB: review dhcpd, 20131019/bie: general review, 20140502/bie: add hints for nftables</para></listitem></varlistentry><varlistentry><term>0.65</term><listitem><para>2009-12-13/PB: minor fixes</para></listitem></varlistentry><varlistentry><term>0.64</term><listitem><para>2009-06-11/PB: extend DHCP server examples (ISC DHCP, Dibbler)</para></listitem></varlistentry><varlistentry><term>0.63</term><listitem><para>2009-02-14/PB: Fix FSF address, major update on 4in6 tunnels, add new section for address resolving, add some URLs, remove broken URLs</para></listitem></varlistentry><varlistentry><term>0.62</term><listitem><para>2008-11-09/PB: Adjust URL to Turkish howto, add some HIP related URLs, remove broken URLs</para></listitem></varlistentry><varlistentry><term>0.61.1</term><listitem><para>2007-11-11/PB: fix broken description of shortcut BIND</para></listitem></varlistentry><varlistentry><term>0.61</term><listitem><para>2007-10-06/PB: fix broken URLs to TLDP-CVS, minor URL update.</para></listitem></varlistentry><varlistentry><term>0.60.2</term><listitem><para>2007-10-03/PB: fix description of sysctl/autoconf (credits to Francois-Xavier Le Bail)</para></listitem></varlistentry><varlistentry><term>0.60.1</term><listitem><para>2007-06-16/PB: speling fixes (credits to Larry W. Burton)</para></listitem></varlistentry><varlistentry><term>0.60</term><listitem><para>2007-05-29/PB: import major contribution to Programming using C-API written by John Wenker, minor fixes</para></listitem></varlistentry><varlistentry><term>0.52</term><listitem><para>2007-05-23/PB: update firewalling chapter, improve document for proper SGML validation, minor bugfixes</para></listitem></varlistentry><varlistentry><term>0.51</term><listitem><para>2006-11-08/PB: remove broken URLs, add a new book (credits to Bryan Vukich)</para></listitem></varlistentry><varlistentry><term>0.50.2</term><listitem><para>2006-10-25/PB: fix typo in dhcp6 section (credits to Michele Ferritto)</para></listitem></varlistentry><varlistentry><term>0.50.1</term><listitem><para>2006-09-23/PB: add some URLs</para></listitem></varlistentry><varlistentry><term>0.50</term><listitem><para>2006-08-24/PB: check RFC URLs, fix URL to Chinese translation, finalize for publishing</para></listitem></varlistentry><varlistentry><term>0.49.5</term><listitem><para>2006-08-23/PB: fix/remove broken URLs</para></listitem></varlistentry><varlistentry><term>0.49.4</term><listitem><para>2006-08-21/PB: some review, update and enhancement of the content, replace old 6bone example addresses with the current defined ones.</para></listitem></varlistentry><varlistentry><term>0.49.3</term><listitem><para>2006-08-20/PB: fix bug in maillist entries, 'mobility' is now a separate chapter</para></listitem></varlistentry><varlistentry><term>0.49.2</term><listitem><para>2006-08-20/PB: update and cleanup of maillist entries</para></listitem></varlistentry><varlistentry><term>0.49.1</term><listitem><para>2006-06-13/PB: major update of mobility section (contributed by Benjamin Thery)</para></listitem></varlistentry><varlistentry><term>0.49</term><listitem><para>2005-10-03/PB: add configuration hints for DHCPv6, major broken URL cleanup (credits to Necdet Yucel)</para></listitem></varlistentry><varlistentry><term>0.48.1</term><listitem><para>2005-01-15/PB: minor fixes</para></listitem></varlistentry><varlistentry><term>0.48</term><listitem><para>2005-01-11/PB: grammar check and minor review of IPv6 IPsec section</para></listitem></varlistentry><varlistentry><term>0.47.1</term><listitem><para>2005-01-01/PB: add information and examples about IPv6 IPsec, add some URLs</para></listitem></varlistentry><varlistentry><term>0.47</term><listitem><para>2004-08-30/PB: add some notes about proftpd, vsftpd and other daemons, add some URLs, minor fixes, update status of Spanish translation</para></listitem></varlistentry><varlistentry><term>0.46.4</term><listitem><para>2004-07-19/PB: minor fixes</para></listitem></varlistentry><varlistentry><term>0.46.3</term><listitem><para>2004-06-23/PB: add note about started Greek translation, replace Taiwanese with Chinese for related translation</para></listitem></varlistentry><varlistentry><term>0.46.2</term><listitem><para>2004-05-22/PB: minor fixes</para></listitem></varlistentry><varlistentry><term>0.46.1</term><listitem><para>2004-04-18/PB: minor fixes</para></listitem></varlistentry><varlistentry><term>0.46</term><listitem><para>2004-03-04/PB: announce Italian translation, add information about DHCPv6, minor updates</para></listitem></varlistentry><varlistentry><term>0.45.1</term><listitem><para>2004-01-12/PB: add note about the official example address space</para></listitem></varlistentry><varlistentry><term>0.45</term><listitem><para>2004-01-11/PB: minor fixes, add/fix some URLs, some extensions</para></listitem></varlistentry><varlistentry><term>0.44.2</term><listitem><para>2003-10-30/PB: fix some copy&amp;paste text bugs</para></listitem></varlistentry><varlistentry><term>0.44.1</term><listitem><para>2003-10-19/PB: add note about start of Italian translation</para></listitem></varlistentry><varlistentry><term>0.44</term><listitem><para>2003-08-15/PB: fix URLs, add hint on tcp_wrappers (about broken notation in some versions) and Apache2</para></listitem></varlistentry><varlistentry><term>0.43.4</term><listitem><para>2003-07-26/PB: fix URL, add archive URL for maillist users at ipv6.org, add some ds6 URLs</para></listitem></varlistentry><varlistentry><term>0.43.3</term><listitem><para>2003-06-19/PB: fix typos</para></listitem></varlistentry><varlistentry><term>0.43.2</term><listitem><para>2003-06-11/PB: fix URL</para></listitem></varlistentry><varlistentry><term>0.43.1</term><listitem><para>2003-06-07/PB: fix some URLs, fix credits, add some notes at IPsec</para></listitem></varlistentry><varlistentry><term>0.43</term><listitem><para>2003-06-05/PB: add some notes about configuration in SuSE Linux, add URL of French translation</para></listitem></varlistentry><varlistentry><term>0.42</term><listitem><para>2003-05-09/PB: minor fixes, announce French translation</para></listitem></varlistentry><varlistentry><term>0.41.4</term><listitem><para>2003-05-02/PB: Remove a broken URL, update some others.</para></listitem></varlistentry><varlistentry><term>0.41.3</term><listitem><para>2003-04-23/PB: Minor fixes, remove a broken URL, fix URL to Taiwanese translation</para></listitem></varlistentry><varlistentry><term>0.41.2</term><listitem><para>2003-04-13/PB: Fix some typos, add a note about a French translation is in progress</para></listitem></varlistentry><varlistentry><term>0.41.1</term><listitem><para>2003-03-31/PB: Remove a broken URL, fix another</para></listitem></varlistentry><varlistentry><term>0.41</term><listitem><para>2003-03-22/PB: Add URL of German translation</para></listitem></varlistentry><varlistentry><term>0.40.2</term><listitem><para>2003-02-27/PB: Fix a misaddressed URL</para></listitem></varlistentry><varlistentry><term>0.40.1</term><listitem><para>2003-02-12/PB: Add Debian-Linux-Configuration, add a minor note on translations</para></listitem></varlistentry><varlistentry><term>0.40</term><listitem><para>2003-02-10/PB: Announcing available German version</para></listitem></varlistentry><varlistentry><term>0.39.2</term><listitem><para>2003-02-10/GK: Minor syntax and spelling fixes</para></listitem></varlistentry><varlistentry><term>0.39.1</term><listitem><para>2003-01-09/PB: fix an URL (draft adopted to an RFC)</para></listitem></varlistentry><varlistentry><term>0.39</term><listitem><para>2003-01-13/PB: fix a bug (forgotten 'link&rdquo; on &ldquo;ip link set&rdquo; (credits to Yaniv Kaul)</para></listitem></varlistentry><varlistentry><term>0.38.1</term><listitem><para>2003-01-09/PB: a minor fix</para></listitem></varlistentry><varlistentry><term>0.38</term><listitem><para>2003-01-06/PB: minor fixes</para></listitem></varlistentry><varlistentry><term>0.37.1</term><listitem><para>2003-01-05/PB: minor updates</para></listitem></varlistentry><varlistentry><term>0.37</term><listitem><para>2002-12-31/GK: 270 new links added (searched in 1232 SearchEngines) in existing and 53 new (sub)sections</para></listitem></varlistentry><varlistentry><term>0.36.1</term><listitem><para>2002-12-20/PB: Minor fixes</para></listitem></varlistentry><varlistentry><term>0.36</term><listitem><para>2002-12-16/PB: Check of and fix broken links (credits to Georg Käfer), some spelling fixes</para></listitem></varlistentry><varlistentry><term>0.35</term><listitem><para>2002-12-11/PB: Some fixes and extensions</para></listitem></varlistentry><varlistentry><term>0.34.1</term><listitem><para>2002-11-25/PB: Some fixes (e.g. broken linuxdoc URLs)</para></listitem></varlistentry><varlistentry><term>0.34</term><listitem><para>2002-11-19/PB: Add information about German translation (work in progress), some fixes, create a small shortcut explanation list, extend &ldquo;used terms&rdquo; and add two German books</para></listitem></varlistentry><varlistentry><term>0.33</term><listitem><para>2002-11-18/PB: Fix broken RFC-URLs, add parameter ttl on 6to4 tunnel setup example</para></listitem></varlistentry><varlistentry><term>0.32</term><listitem><para>2002-11-03/PB: Add information about Taiwanese translation</para></listitem></varlistentry><varlistentry><term>0.31.1</term><listitem><para>2002-10-06/PB: Add another maillist</para></listitem></varlistentry><varlistentry><term>0.31</term><listitem><para>2002-09-29/PB: Extend information in proc-filesystem entries</para></listitem></varlistentry><varlistentry><term>0.30</term><listitem><para>2002-09-27/PB: Add some maillists</para></listitem></varlistentry><varlistentry><term>0.29</term><listitem><para>2002-09-18/PB: Update statement about nmap (triggered by Fyodor)</para></listitem></varlistentry><varlistentry><term>0.28.1</term><listitem><para>2002-09-16/PB: Add note about ping6 to multicast addresses, add some labels</para></listitem></varlistentry><varlistentry><term>0.28</term><listitem><para>2002-08-17/PB: Fix broken LDP/CVS links, add info about Polish translation, add URL of the IPv6 Address Oracle</para></listitem></varlistentry><varlistentry><term>0.27</term><listitem><para>2002-08-10/PB: Some minor updates</para></listitem></varlistentry><varlistentry><term>0.26.2</term><listitem><para>2002-07-15/PB: Add information neighbor discovery, split of firewalling (got some updates) and security into extra chapters</para></listitem></varlistentry><varlistentry><term>0.26.1</term><listitem><para>2002-07-13/PB: Update nmap/IPv6 information</para></listitem></varlistentry><varlistentry><term>0.26</term><listitem><para>2002-07-13/PB: Fill /proc-filesystem chapter, update DNS information about depricated A6/DNAME, change P-t-P tunnel setup to use of &ldquo;ip&rdquo; only</para></listitem></varlistentry><varlistentry><term>0.25.2</term><listitem><para>2002-07-11/PB: Minor spelling fixes</para></listitem></varlistentry><varlistentry><term>0.25.1</term><listitem><para>2002-06-23/PB: Minor spelling and other fixes</para></listitem></varlistentry><varlistentry><term>0.25</term><listitem><para>2002-05-16/PB: Cosmetic fix for 2^128, thanks to José Abílio Oliveira Matos for help with LyX</para></listitem></varlistentry><varlistentry><term>0.24</term><listitem><para>2002-05-02/PB: Add entries in URL list, minor spelling fixes</para></listitem></varlistentry><varlistentry><term>0.23</term><listitem><para>2002-03-27/PB: Add entries in URL list and at maillists, add a label and minor information about IPv6 on RHL</para></listitem></varlistentry><varlistentry><term>0.22</term><listitem><para>2002-03-04/PB: Add info about 6to4 support in kernel series 2.2.x and add an entry in URL list and at maillists</para></listitem></varlistentry><varlistentry><term>0.21</term><listitem><para>2002-02-26/PB: Migrate next grammar checks submitted by John Ronan </para></listitem></varlistentry><varlistentry><term>0.20.4</term><listitem><para>2002-02-21/PB: Migrate more grammar checks submitted by John Ronan, add some additional hints at DNS section </para></listitem></varlistentry><varlistentry><term>0.20.3</term><listitem><para>2002-02-12/PB: Migrate a minor grammar check patch submitted by John Ronan</para></listitem></varlistentry><varlistentry><term>0.20.2</term><listitem><para>2002-02-05/PB: Add mipl to maillist table</para></listitem></varlistentry><varlistentry><term>0.20.1</term><listitem><para>2002-01-31/PB: Add a hint how to generate 6to4 addresses</para></listitem></varlistentry><varlistentry><term>0.20</term><listitem><para>2002-01-30/PB: Add a hint about default route problem, some minor updates</para></listitem></varlistentry><varlistentry><term>0.19.2</term><listitem><para>2002-01-29/PB: Add many new URLs</para></listitem></varlistentry><varlistentry><term>0.19.1</term><listitem><para>2002-01-27/PB: Add some forgotten URLs</para></listitem></varlistentry><varlistentry><term>0.19</term><listitem><para>2002-01-25/PB: Add two German books, fix quote entinities in exported SGML code</para></listitem></varlistentry><varlistentry><term>0.18.2</term><listitem><para>2002-01-23/PB: Add a FAQ on the program chapter</para></listitem></varlistentry><varlistentry><term>0.18.1</term><listitem><para>2002-01-23/PB: Move &ldquo;the end&rdquo; to the end, add USAGI to maillists</para></listitem></varlistentry><varlistentry><term>0.18</term><listitem><para>2002-01-22/PB: Fix bugs in explanation of multicast address types</para></listitem></varlistentry><varlistentry><term>0.17.2</term><listitem><para>2002-01-22/PB: Cosmetic fix double existing text in history (at 0.16), move all credits to the end of the document</para></listitem></varlistentry><varlistentry><term>0.17.1</term><listitem><para>2002-01-20/PB: Add a reference, fix URL text in online-test-tools</para></listitem></varlistentry><varlistentry><term>0.17</term><listitem><para>2002-01-19/PB: Add some forgotten information and URLs about global IPv6 addresses</para></listitem></varlistentry><varlistentry><term>0.16</term><listitem><para>2002-01-19/PB: Minor fixes, remove &ldquo;bold&rdquo; and &ldquo;emphasize&rdquo; formats on code lines, fix &ldquo;too long unwrapped code lines&rdquo; using selfmade utility, extend list of URLs.</para></listitem></varlistentry><varlistentry><term>0.15</term><listitem><para>2002-01-15/PB: Fix bug in addresstype/anycast, move content related credits to end of document</para></listitem></varlistentry><varlistentry><term>0.14</term><listitem><para>2002-01-14/PB: Minor review at all, new chapter &ldquo;debugging&rdquo;, review &ldquo;addresses&rdquo;, spell checking, grammar checking (from beginning to 3.4.1) by Martin Krafft, add tcpdump examples, copy firewalling/netfilter6 from IPv6+Linux-HowTo, minor enhancements</para></listitem></varlistentry><varlistentry><term>0.13</term><listitem><para>2002-01-05/PB: Add example BIND9/host, move revision history to end of document, minor extensions</para></listitem></varlistentry><varlistentry><term>0.12</term><listitem><para>2002-01-03/PB: Merge review of David Ranch</para></listitem></varlistentry><varlistentry><term>0.11</term><listitem><para>2002-01-02/PB: Spell checking and merge review of Pekka Savola</para></listitem></varlistentry><varlistentry><term>0.10</term><listitem><para>2002-01-02/PB: First public release of chapter 1</para></listitem></varlistentry></variablelist></sect2></sect1><sect1 id='credits' >
 <title><!-- anchor id="credits" -->Credits</title>
 <para>The quickest way to be added to this nice list is to send bug fixes, corrections, and/or updates to me ;-).</para>
 <para>If you want to do a major review, you can use the native LyX file (see <link linkend="general-original-source">original source</link>) and send diffs against it, because diffs against SGML don't help too much.</para><sect2 id='major-credits' >
diff --git a/LDP/users/Peter-Bieringer/generate-en-de.sh b/LDP/users/Peter-Bieringer/generate-en-de.sh
index bb138a0a..7d0d8dfd 100755
--- a/LDP/users/Peter-Bieringer/generate-en-de.sh
+++ b/LDP/users/Peter-Bieringer/generate-en-de.sh
@@ -5,7 +5,7 @@
 list="Linux+IPv6-HOWTO.sgml Linux+IPv6-HOWTO.de.sgml"
 
 for lyx in $list; do
-	./generate.sh $lyx
+	./generate.sh $lyx $*
 done
 
 echo -en "\a"
diff --git a/LDP/users/Peter-Bieringer/generate.sh b/LDP/users/Peter-Bieringer/generate.sh
index 32b2f027..fb4d6174 100755
--- a/LDP/users/Peter-Bieringer/generate.sh
+++ b/LDP/users/Peter-Bieringer/generate.sh
@@ -197,9 +197,9 @@ create_html_multipage() {
 }
 
 create_html_singlepage() {
-	echo "INFO  : Create HTML singlepage '$file_html'"
+	echo "INFO  : Create HTML singlepage '$file_html' from '$file_input'"
 	[ $loglevel -ge 7 ] && set -x
-	$JADE -t sgml -i html -V nochunks -d "${file_ldpdsl}#html" -o $file_html $file_input >/dev/null
+	$JADE -t sgml -i html -V nochunks -d "${file_ldpdsl}#html" $file_input >$file_html
 	local retval=$?
 	[ $loglevel -ge 7 ] && set +x