From 96d6e1b69bee30918ae4e89bec86b138e8b2cb14 Mon Sep 17 00:00:00 2001
From: pbldp <>
Date: Sat, 10 May 2014 08:40:25 +0000
Subject: [PATCH] update last change date
---
.../Peter-Bieringer/Linux+IPv6-HOWTO.de.html | 2 +-
.../Peter-Bieringer/Linux+IPv6-HOWTO.de.lyx | 1270 +------
.../Peter-Bieringer/Linux+IPv6-HOWTO.de.pdf | Bin 522747 -> 522734 bytes
.../Peter-Bieringer/Linux+IPv6-HOWTO.de.sgml | 2 +-
.../Peter-Bieringer/Linux+IPv6-HOWTO.html | 2 +-
.../Peter-Bieringer/Linux+IPv6-HOWTO.lyx | 3054 +----------------
.../Peter-Bieringer/Linux+IPv6-HOWTO.pdf | Bin 586774 -> 586777 bytes
.../Peter-Bieringer/Linux+IPv6-HOWTO.sgml | 2 +-
8 files changed, 6 insertions(+), 4326 deletions(-)
diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html
index 7d44782c..1e1fe90e 100644
--- a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html
+++ b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html
@@ -62,7 +62,7 @@ ALIGN="LEFT"
>Version 0.66wip.de.1
2014-05-02 | 2014-05-10Geändert durch: PB | 0.66wip.de.1 2014-05-02 0.66wip.de.1 2014-05-10 PB
\end_layout
@@ -463,7 +463,6 @@ CVS-Information:
\end_layout
\begin_layout Code
-
CVS-ID: $Id$
\end_layout
@@ -1260,7 +1259,6 @@ In allgemeinen Beispielen können Sie öfters lesen:
\end_layout
\begin_layout Code
-
\end_layout
@@ -1272,7 +1270,6 @@ In Skripts oder an Ihrer Kommandozeile müssen Sie die < und > weglassen
\end_layout
\begin_layout Code
-
1.2.3.4
\end_layout
@@ -1286,7 +1283,6 @@ Kommandos, die nicht als Root-Benutzer ausgeführt werden, beginnen mit $,
\end_layout
\begin_layout Code
-
$ whoami
\end_layout
@@ -1295,7 +1291,6 @@ Befehle, die mit Root-Rechten ausgeführt werden, beginnen mit #, z.B.
\end_layout
\begin_layout Code
-
# whoami
\end_layout
@@ -1485,72 +1480,58 @@ Der erste IPv6 Netzwerk Code wurde dem Linux Kernel 2.1.8 im November 1996
\end_layout
\begin_layout Code
-
diff -u --recursive --new-file v2.1.7/linux/include/linux/in6.h
\end_layout
\begin_layout Code
-
¬ linux/include/linux/in6.h
\end_layout
\begin_layout Code
-
--- v2.1.7/linux/include/linux/in6.h Thu Jan 1 02:00:00 1970
\end_layout
\begin_layout Code
-
+++ linux/include/linux/in6.h Sun Nov 3 11:04:42 1996
\end_layout
\begin_layout Code
-
@@ -0,0 +1,99 @@
\end_layout
\begin_layout Code
-
+/*
\end_layout
\begin_layout Code
-
+ * Types and definitions for AF_INET6
\end_layout
\begin_layout Code
-
+ * Linux INET6 implementation
\end_layout
\begin_layout Code
-
+ * + * Authors:
\end_layout
\begin_layout Code
-
+ * Pedro Roque <******>
\end_layout
\begin_layout Code
-
+ *
\end_layout
\begin_layout Code
-
+ * Source:
\end_layout
\begin_layout Code
-
+ * IPv6 Program Interfaces for BSD Systems
\end_layout
\begin_layout Code
-
+ *
\end_layout
@@ -1672,7 +1653,6 @@ Wie gesagt, IPv6 Adressen sind 128 bit lang.
\end_layout
\begin_layout Code
-
2^128-1: 340282366920938463463374607431768211455
\end_layout
@@ -1696,7 +1676,6 @@ nibble
\end_layout
\begin_layout Code
-
2^128-1: 0xffffffffffffffffffffffffffffffff
\end_layout
@@ -1719,7 +1698,6 @@ e Werte) entfernt:
\end_layout
\begin_layout Code
-
2^128-1: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
\end_layout
@@ -1730,7 +1708,6 @@ Eine gültige Adresse (s.u.
\end_layout
\begin_layout Code
-
2001:0db8:0100:f101:0210:a4ff:fee3:9566
\end_layout
@@ -1741,12 +1718,10 @@ Der Vereinfachung halber können führende Nullen jedes 16 bit-Blocks weggelasse
\end_layout
\begin_layout Code
-
2001:0db8:0100:f101:0210:a4ff:fee3:9566 ->
\end_layout
\begin_layout Code
-
¬ 2001:0db8:100:f101:210:a4ff:fee3:9566
\end_layout
@@ -1769,7 +1744,6 @@ Eine Sequenz von 16 bit-Blöcken, die nur Nullen enthaltet, kann durch ein
\end_layout
\begin_layout Code
-
2001:0db8:100:f101:0:0:0:1 -> 2001:0db8:100:f101::1
\end_layout
@@ -1779,7 +1753,6 @@ Die höchstmögliche Reduktion sieht man bei der IPv6 Localhost Adresse:
\end_layout
\begin_layout Code
-
0000:0000:0000:0000:0000:0000:0000:0001 -> ::1
\end_layout
@@ -1804,12 +1777,10 @@ h ein Aprilscherz.
\end_layout
\begin_layout Code
-
# ipv6calc --addr_to_base85 2001:0db8:0100:f101:0210:a4ff:fee3:9566
\end_layout
\begin_layout Code
-
Itu&-ZQ82s>J%s99FJXT
\end_layout
@@ -2022,7 +1993,6 @@ Dies ist eine spezielle Adresse für das Loopback Interface, vergleichbar
\end_layout
\begin_layout Code
-
0000:0000:0000:0000:0000:0000:0000:0001
\end_layout
@@ -2032,7 +2002,6 @@ bzw.
\end_layout
\begin_layout Code
-
::1
\end_layout
@@ -2068,7 +2037,6 @@ any
\end_layout
\begin_layout Code
-
0000:0000:0000:0000:0000:0000:0000:0000
\end_layout
@@ -2077,7 +2045,6 @@ oder:
\end_layout
\begin_layout Code
-
::
\end_layout
@@ -2123,7 +2090,6 @@ Diese Adressen sind mit einer speziellen Präfixlänge von 96 definiert (a.b.c.d
\end_layout
\begin_layout Code
-
0:0:0:0:0:ffff:a.b.c.d/96
\end_layout
@@ -2132,7 +2098,6 @@ oder in komprimiertem Format:
\end_layout
\begin_layout Code
-
::ffff:a.b.c.d/96
\end_layout
@@ -2143,7 +2108,6 @@ Die IPv4 Adresse 1.2.3.4.
\end_layout
\begin_layout Code
-
::ffff:1.2.3.4
\end_layout
@@ -2172,7 +2136,6 @@ reference "tunneling-6to4"
\end_layout
\begin_layout Code
-
0:0:0:0:0:0:a.b.c.d/96
\end_layout
@@ -2181,7 +2144,6 @@ oder in komprimierter Form:
\end_layout
\begin_layout Code
-
::a.b.c.d/96
\end_layout
@@ -2266,22 +2228,18 @@ x
\end_layout
\begin_layout Code
-
fe8x: <- zurzeit als einziger in Benutzung
\end_layout
\begin_layout Code
-
fe9x:
\end_layout
\begin_layout Code
-
feax:
\end_layout
\begin_layout Code
-
febx:
\end_layout
@@ -2321,22 +2279,18 @@ Die Adresse beginnt mit:
\end_layout
\begin_layout Code
-
fecx: <- meistens genutzt.
\end_layout
\begin_layout Code
-
fedx:
\end_layout
\begin_layout Code
-
feex:
\end_layout
\begin_layout Code
-
fefx:
\end_layout
@@ -2424,12 +2378,10 @@ Die Adresse beginnt mit:
\end_layout
\begin_layout Code
-
fcxx:
\end_layout
\begin_layout Code
-
fdxx: <- zurzeit als einziger in Benutzung
\end_layout
@@ -2457,7 +2409,6 @@ target "http://www.goebel-consult.de/ipv6/createLULA"
\end_layout
\begin_layout Code
-
fd0f:8b72:ac90::/48
\end_layout
@@ -2486,12 +2437,10 @@ Die Adresse beginnt mit (x sind hexadezimale Zeichen)
\end_layout
\begin_layout Code
-
2xxx:
\end_layout
\begin_layout Code
-
3xxx:
\end_layout
@@ -2523,7 +2472,6 @@ Diese globalen Adressen waren die Ersten definierten und auch benutzen Adressen.
\end_layout
\begin_layout Code
-
3ffe:
\end_layout
@@ -2532,7 +2480,6 @@ Beispiel:
\end_layout
\begin_layout Code
-
3ffe:ffff:100:f102::1
\end_layout
@@ -2542,7 +2489,6 @@ Eine spezielle 6bone Test-Adresse, die niemals weltweit einmalig ist, beginnt
\end_layout
\begin_layout Code
-
3ffe:ffff:
\end_layout
@@ -2601,7 +2547,6 @@ target "http://www.faqs.org/rfcs/rfc2893.html"
\end_layout
\begin_layout Code
-
2002:
\end_layout
@@ -2611,7 +2556,6 @@ z.B.
\end_layout
\begin_layout Code
-
2002:c0a8:0101:5::1
\end_layout
@@ -2620,12 +2564,10 @@ Ein kleines Shell-Kommando kann aus einer IPv4 eine 6to4 Adresse erstellen:
\end_layout
\begin_layout Code
-
ipv4="1.2.3.4"; sla="5"; printf "2002:%02x%02x:%02x%02x:%04x::1" `echo $ipv4
\end_layout
\begin_layout Code
-
¬ | tr "." " "` $sla
\end_layout
@@ -2659,7 +2601,6 @@ Diese Adressen werden an Internet Service Provider (ISP) delegiert und beginnen
\end_layout
\begin_layout Code
-
2001:
\end_layout
@@ -2702,12 +2643,10 @@ target "http://www.faqs.org/rfcs/rfc3849.html"
\end_layout
\begin_layout Code
-
3ffe:ffff::/32
\end_layout
\begin_layout Code
-
2001:0DB8::/32 EXAMPLENET-WF
\end_layout
@@ -2732,7 +2671,6 @@ Sie beginnen immer mit (xx ist hierbei der Wert der Reichweite)
\end_layout
\begin_layout Code
-
ffxy:
\end_layout
@@ -2828,7 +2766,6 @@ Ein Beispiel für diese Adresse könnte sein:
\end_layout
\begin_layout Code
-
ff02::1:ff00:1234
\end_layout
@@ -2897,7 +2834,6 @@ Die Subnet-Router Anycast Adresse ist ein einfaches Beispiel für eine Anycast
\end_layout
\begin_layout Code
-
2001:0db8:100:f101:210:a4ff:fee3:9566/64 <- Node's address
\end_layout
@@ -2907,7 +2843,6 @@ Die Subnet-Router Anycast Adresse wird durch komplette Streichung des Suffixes
\end_layout
\begin_layout Code
-
2001:0db8:100:f101::/64 <- subnet-router anycast address
\end_layout
@@ -2947,7 +2882,6 @@ Als Beispiel hat hier ein NIC folgende MAC-Adresse (48 bit):
\end_layout
\begin_layout Code
-
00:10:a4:01:23:45
\end_layout
@@ -2967,7 +2901,6 @@ target "http://standards.ieee.org/regauth/oui/tutorials/EUI64.html"
\end_layout
\begin_layout Code
-
0210:a4ff:fe01:2345
\end_layout
@@ -2979,7 +2912,6 @@ Mit einem gegebenen Präfix wird daraus die schon oben gezeigte IPv6-Adresse:
\end_layout
\begin_layout Code
-
2001:0db8:0100:f101:0210:a4ff:fe01:2345
\end_layout
@@ -3037,7 +2969,6 @@ Bei Servern ist es wahrscheinlich leichter, sich einfachere Adressen zu
\end_layout
\begin_layout Code
-
2001:0db8:100:f101::1
\end_layout
@@ -3135,7 +3066,6 @@ Ein Beispiel:
\end_layout
\begin_layout Code
-
2001:0db8:100:1:2:3:4:5/48
\end_layout
@@ -3149,7 +3079,6 @@ Netzwerk:
\end_layout
\begin_layout Code
-
2001:0db8:0100:0000:0000:0000:0000:0000
\end_layout
@@ -3158,7 +3087,6 @@ Netzmaske:
\end_layout
\begin_layout Code
-
ffff:ffff:ffff:0000:0000:0000:0000:0000
\end_layout
@@ -3178,12 +3106,10 @@ Wenn z.B.
\end_layout
\begin_layout Code
-
2001:0db8:100::/48 :: U 1 0 0 sit1
\end_layout
\begin_layout Code
-
2000::/3 ::192.88.99.1 UG 1 0 0 tun6to4
\end_layout
@@ -3193,12 +3119,10 @@ Die gezeigten Zieladressen der IPv6 Pakete werden über die entsprechenden
\end_layout
\begin_layout Code
-
2001:0db8:100:1:2:3:4:5/48 -> routed through device sit1
\end_layout
\begin_layout Code
-
2001:0db8:200:1:2:3:4:5/48 -> routed through device tun6to4
\end_layout
@@ -3258,7 +3182,6 @@ Um zu überprüfen, ob ihr aktueller Kernel IPv6 unterstützt, sollten sie
\end_layout
\begin_layout Code
-
/proc/net/if_inet6
\end_layout
@@ -3268,7 +3191,6 @@ Einen kleinen automatischen Test können Sie wie folgt durchführen:
\end_layout
\begin_layout Code
-
# test -f /proc/net/if_inet6 && echo "Running kernel is IPv6 ready"
\end_layout
@@ -3288,7 +3210,6 @@ Mit folgenden Befehl können Sie versuchen, das Modul zu laden:
\end_layout
\begin_layout Code
-
# modprobe ipv6
\end_layout
@@ -3299,7 +3220,6 @@ Wenn dieser Befehl positiv verläuft, dann sollten Sie das Modul mit folgendem
\end_layout
\begin_layout Code
-
# lsmod |grep -w 'ipv6' && echo "IPv6 module successfully loaded"
\end_layout
@@ -3325,7 +3245,6 @@ Es ist möglich das IPv6 Modul bei Bedarf automatisch zu laden.
\end_layout
\begin_layout Code
-
alias net-pf-10 ipv6 # automatically load IPv6 module on demand
\end_layout
@@ -3335,7 +3254,6 @@ Mit der folgenden Zeile ist es auch möglich, das automatische Laden des
\end_layout
\begin_layout Code
-
alias net-pf-10 off # disable automatically load of IPv6 module on demand
\end_layout
@@ -3593,12 +3511,10 @@ Automatische Überprüfung:
\end_layout
\begin_layout Code
-
# /sbin/ifconfig -? 2>& 1|grep -qw 'inet6' && echo "utility 'ifconfig' is
\end_layout
\begin_layout Code
-
¬ IPv6-ready"
\end_layout
@@ -3612,7 +3528,6 @@ route
\end_layout
\begin_layout Code
-
# /sbin/route -? 2>& 1|grep -qw 'inet6' && echo "utility 'route' is IPv6-ready"
\end_layout
@@ -3631,7 +3546,6 @@ Alexey N.Kuznetsov (gegenwärtig ein Betreuer des Linux Network Codes) erstellte
\end_layout
\begin_layout Code
-
# /sbin/ip 2>&1 |grep -qw 'inet6' && echo "utility 'ip' is IPv6-ready"
\end_layout
@@ -3697,17 +3611,14 @@ Anwendung
\end_layout
\begin_layout Code
-
# ping6
\end_layout
\begin_layout Code
-
# ping6
\end_layout
\begin_layout Code
-
# ping6 [-I ]
\end_layout
@@ -3719,7 +3630,6 @@ Einige Implementierungen unterstützen auch % Definition zusätzlich
\end_layout
\begin_layout Code
-
# ping6 %
\end_layout
@@ -3728,17 +3638,14 @@ Beispiel
\end_layout
\begin_layout Code
-
# ping6 -c 1 ::1
\end_layout
\begin_layout Code
-
PING ::1(::1) from ::1 : 56 data bytes
\end_layout
\begin_layout Code
-
64 bytes from ::1: icmp_seq=0 hops=64 time=292 usec
\end_layout
@@ -3747,17 +3654,14 @@ PING ::1(::1) from ::1 : 56 data bytes
\end_layout
\begin_layout Code
-
--- ::1 ping statistics ---
\end_layout
\begin_layout Code
-
1 packets transmitted, 1 packets received, 0% packet loss
\end_layout
\begin_layout Code
-
round-trip min/avg/max/mdev = 0.292/0.292/0.292/0.000 ms
\end_layout
@@ -3790,12 +3694,10 @@ Wenn link-lokale Adressen für ein IPv6 ping verwendet werden, dann hat der
\end_layout
\begin_layout Code
-
# ping6 fe80::212:34ff:fe12:3456
\end_layout
\begin_layout Code
-
connect: Invalid argument
\end_layout
@@ -3804,22 +3706,18 @@ In diesem Fall müssen Sie das Interface zusätzlich spezifizieren:
\end_layout
\begin_layout Code
-
# ping6 -I eth0 -c 1 fe80::2e0:18ff:fe90:9205
\end_layout
\begin_layout Code
-
PING fe80::212:23ff:fe12:3456(fe80::212:23ff:fe12:3456) from
\end_layout
\begin_layout Code
-
¬ fe80::212:34ff:fe12:3478 eth0: 56 data bytes
\end_layout
\begin_layout Code
-
64 bytes from fe80::212:23ff:fe12:3456: icmp_seq=0 hops=64 time=445 usec
\end_layout
@@ -3828,17 +3726,14 @@ PING fe80::212:23ff:fe12:3456(fe80::212:23ff:fe12:3456) from
\end_layout
\begin_layout Code
-
--- fe80::2e0:18ff:fe90:9205 ping statistics ---
\end_layout
\begin_layout Code
-
1 packets transmitted, 1 packets received, 0% packet loss round-trip
\end_layout
\begin_layout Code
-
¬ min/avg/max/mdev = 0.445/0.445/0.445/0.000 ms
\end_layout
@@ -3849,7 +3744,6 @@ Beispiel für % Notation:
\end_layout
\begin_layout Code
-
# ping6 -c 1 fe80::2e0:18ff:fe90:9205%eth0
\end_layout
@@ -3863,22 +3757,18 @@ Ein interessanter Mechanismus zum Aufspüren eines IPv6 aktiven Hosts am
\end_layout
\begin_layout Code
-
# ping6 -I eth0 ff02::1
\end_layout
\begin_layout Code
-
PING ff02::1(ff02::1) from fe80:::2ab:cdff:feef:0123 eth0: 56 data bytes
\end_layout
\begin_layout Code
-
64 bytes from ::1: icmp_seq=1 ttl=64 time=0.104 ms
\end_layout
\begin_layout Code
-
64 bytes from fe80::212:34ff:fe12:3450: icmp_seq=1 ttl=64 time=0.549 ms (DUP!)
\end_layout
@@ -3890,7 +3780,6 @@ Beispiel für % Notation:
\end_layout
\begin_layout Code
-
# ping6 ff02::1%eth0
\end_layout
@@ -3918,51 +3807,42 @@ Dieses Programm ist normal im Paket iputils enthalten.
\end_layout
\begin_layout Code
-
# traceroute6 www.6bone.net
\end_layout
\begin_layout Code
-
traceroute to 6bone.net (3ffe:b00:c18:1::10) from 2001:0db8:0000:f101::2,
30
\end_layout
\begin_layout Code
-
¬ hops max, 16 byte packets
\end_layout
\begin_layout Code
-
1 localipv6gateway (2001:0db8:0000:f101::1) 1.354 ms 1.566 ms 0.407 ms
\end_layout
\begin_layout Code
-
2 swi6T1-T0.ipv6.switch.ch (3ffe:2000:0:400::1) 90.431 ms 91.956 ms 92.377 ms
\end_layout
\begin_layout Code
-
3 3ffe:2000:0:1::132 (3ffe:2000:0:1::132) 118.945 ms 107.982 ms 114.557 ms
\end_layout
\begin_layout Code
-
4 3ffe:c00:8023:2b::2 (3ffe:c00:8023:2b::2) 968.468 ms 993.392 ms 973.441
ms
\end_layout
\begin_layout Code
-
5 3ffe:2e00:e:c::3 (3ffe:2e00:e:c::3) 507.784 ms 505.549 ms 508.928 ms
\end_layout
\begin_layout Code
-
6 www.6bone.net (3ffe:b00:c18:1::10) 1265.85 ms * 1304.74 ms
\end_layout
@@ -4002,52 +3882,42 @@ iputils
\end_layout
\begin_layout Code
-
# tracepath6 www.6bone.net
\end_layout
\begin_layout Code
-
1?: [LOCALHOST] pmtu 1480
\end_layout
\begin_layout Code
-
1: 3ffe:401::2c0:33ff:fe02:14 150.705ms
\end_layout
\begin_layout Code
-
2: 3ffe:b00:c18::5 267.864ms
\end_layout
\begin_layout Code
-
3: 3ffe:b00:c18::5 asymm 2 266.145ms pmtu 1280
\end_layout
\begin_layout Code
-
3: 3ffe:3900:5::2 asymm 4 346.632ms
\end_layout
\begin_layout Code
-
4: 3ffe:28ff:ffff:4::3 asymm 5 365.965ms
\end_layout
\begin_layout Code
-
5: 3ffe:1cff:0:ee::2 asymm 4 534.704ms
\end_layout
\begin_layout Code
-
6: 3ffe:3800::1:1 asymm 4 578.126ms !N
\end_layout
\begin_layout Code
-
Resume: pmtu 1280
\end_layout
@@ -4140,32 +4010,26 @@ IPv6 ping zur Adresse
\end_layout
\begin_layout Code
-
# tcpdump -t -n -i eth0 -s 512 -vv ip6 or proto ipv6
\end_layout
\begin_layout Code
-
tcpdump: listening on eth0
\end_layout
\begin_layout Code
-
2001:0db8:100:f101:2e0:18ff:fe90:9205 > 2001:0db8:100:f101::1: icmp6: echo
\end_layout
\begin_layout Code
-
¬ request (len 64, hlim 64)
\end_layout
\begin_layout Code
-
2001:0db8:100:f101::1 > 2001:0db8:100:f101:2e0:18ff:fe90:9205: icmp6: echo
\end_layout
\begin_layout Code
-
¬ reply (len 64, hlim 64)
\end_layout
@@ -4184,52 +4048,42 @@ IPv6 ping zur Adresse
\end_layout
\begin_layout Code
-
# tcpdump -t -n -i ppp0 -s 512 -vv ip6 or proto ipv6
\end_layout
\begin_layout Code
-
tcpdump: listening on ppp0
\end_layout
\begin_layout Code
-
1.2.3.4 > 5.6.7.8: 2002:ffff:f5f8::1 > 2001:0db8:100::1: icmp6: echo request
\end_layout
\begin_layout Code
-
¬ (len 64, hlim 64) (DF) (ttl 64, id 0, len 124)
\end_layout
\begin_layout Code
-
5.6.7.8 > 1.2.3.4: 2001:0db8:100::1 > 2002:ffff:f5f8::1: icmp6: echo reply (len
\end_layout
\begin_layout Code
-
¬ 64, hlim 61) (ttl 23, id 29887, len 124)
\end_layout
\begin_layout Code
-
1.2.3.4 > 5.6.7.8: 2002:ffff:f5f8::1 > 2001:0db8:100::1: icmp6: echo request
\end_layout
\begin_layout Code
-
¬ (len 64, hlim 64) (DF) (ttl 64, id 0, len 124)
\end_layout
\begin_layout Code
-
5.6.7.8 > 1.2.3.4: 2001:0db8:100::1 > 2002:ffff:f5f8::1: icmp6: echo reply (len
\end_layout
\begin_layout Code
-
¬ 64, hlim 61) (ttl 23, id 29919, len 124)
\end_layout
@@ -4315,7 +4169,6 @@ Jeder DNS-Server (Domain Name System) sollte aufgrund der Sicherheitsupdates
\end_layout
\begin_layout Code
-
# host -t AAAA www.join.uni-muenster.de
\end_layout
@@ -4324,20 +4177,17 @@ Die Ausgabe des Tests sollte etwa wie folgt sein:
\end_layout
\begin_layout Code
-
www.join.uni-muenster.de.
is an alias for tolot.join.uni-muenster.de.
\end_layout
\begin_layout Code
-
tolot.join.uni-muenster.de.
has AAAA address
\end_layout
\begin_layout Code
-
¬ 2001:638:500:101:2e0:81ff:fe24:37c6
\end_layout
@@ -4351,30 +4201,25 @@ IPv6 kompatible Clients sind verfügbar.
\end_layout
\begin_layout Code
-
$ telnet 3ffe:400:100::1 80
\end_layout
\begin_layout Code
-
Trying 3ffe:400:100::1...
\end_layout
\begin_layout Code
-
Connected to 3ffe:400:100::1.
\end_layout
\begin_layout Code
-
Escape character is '^]'.
\end_layout
\begin_layout Code
-
HEAD / HTTP/1.0
\end_layout
@@ -4383,47 +4228,38 @@ HEAD / HTTP/1.0
\end_layout
\begin_layout Code
-
HTTP/1.1 200 OK
\end_layout
\begin_layout Code
-
Date: Sun, 16 Dec 2001 16:07:21
\end_layout
\begin_layout Code
-
GMT Server: Apache/2.0.28 (Unix)
\end_layout
\begin_layout Code
-
Last-Modified: Wed, 01 Aug 2001 21:34:42 GMT
\end_layout
\begin_layout Code
-
ETag: "3f02-a4d-b1b3e080"
\end_layout
\begin_layout Code
-
Accept-Ranges: bytes
\end_layout
\begin_layout Code
-
Content-Length: 2637
\end_layout
\begin_layout Code
-
Connection: close
\end_layout
\begin_layout Code
-
Content-Type: text/html; charset=ISO-8859-1
\end_layout
@@ -4432,7 +4268,6 @@ Content-Type: text/html; charset=ISO-8859-1
\end_layout
\begin_layout Code
-
Connection closed by foreign host.
\end_layout
@@ -4474,17 +4309,14 @@ he Verhaltensweisen:
\end_layout
\begin_layout Code
-
$ ssh -6 ::1
\end_layout
\begin_layout Code
-
user@::1's password: ******
\end_layout
\begin_layout Code
-
[user@ipv6host user]$
\end_layout
@@ -5034,12 +4866,10 @@ Gebrauch:
\end_layout
\begin_layout Code
-
# ip link set dev up
\end_layout
\begin_layout Code
-
# ip link set dev down
\end_layout
@@ -5052,12 +4882,10 @@ Beispiel:
\end_layout
\begin_layout Code
-
# ip link set dev eth0 up
\end_layout
\begin_layout Code
-
# ip link set dev eth0 down
\end_layout
@@ -5071,12 +4899,10 @@ Gebrauch:
\end_layout
\begin_layout Code
-
# /sbin/ifconfig up
\end_layout
\begin_layout Code
-
# /sbin/ifconfig down
\end_layout
@@ -5085,12 +4911,10 @@ Beispiel:
\end_layout
\begin_layout Code
-
# /sbin/ifconfig eth0 up
\end_layout
\begin_layout Code
-
# /sbin/ifconfig eth0 down
\end_layout
@@ -5145,7 +4969,6 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 addr show dev
\end_layout
@@ -5154,27 +4977,22 @@ Beispiel für einen statisch konfigurierten Host:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 addr show dev eth0
\end_layout
\begin_layout Code
-
2: eth0:
\end_layout
@@ -5261,22 +5070,18 @@ en (die Ausgabe wurde mit grep gefiltert)
\end_layout
\begin_layout Code
-
# /sbin/ifconfig eth0 |grep "inet6 addr:"
\end_layout
\begin_layout Code
-
inet6 addr: fe80::210:a4ff:fee3:9566/10 Scope:Link
\end_layout
\begin_layout Code
-
inet6 addr: 2001:0db8:0:f101::1/64 Scope:Global
\end_layout
\begin_layout Code
-
inet6 addr: fec0:0:0:f101::1/64 Scope:Site
\end_layout
@@ -5299,7 +5104,6 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 addr add / dev
\end_layout
@@ -5308,7 +5112,6 @@ Beispiel:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 addr add 2001:0db8:0:f101::1/64 dev eth0
\end_layout
@@ -5322,7 +5125,6 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/ifconfig inet6 add /
\end_layout
@@ -5331,7 +5133,6 @@ Beispiel:
\end_layout
\begin_layout Code
-
# /sbin/ifconfig eth0 inet6 add 2001:0db8:0:f101::1/64
\end_layout
@@ -5355,7 +5156,6 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 addr del / dev
\end_layout
@@ -5364,7 +5164,6 @@ Beispiel:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 addr del 2001:0db8:0:f101::1/64 dev eth0
\end_layout
@@ -5378,7 +5177,6 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/ifconfig inet6 del /
\end_layout
@@ -5387,7 +5185,6 @@ Beispiel:
\end_layout
\begin_layout Code
-
# /sbin/ifconfig eth0 inet6 del 2001:0db8:0:f101::1/64
\end_layout
@@ -5441,7 +5238,6 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route show [dev ]
\end_layout
@@ -5451,27 +5247,22 @@ Beispiel:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route show dev eth0
\end_layout
\begin_layout Code
-
2001:0db8:0:f101::/64 proto kernel metric 256 mtu 1500 advmss 1440
\end_layout
\begin_layout Code
-
fe80::/10 proto kernel metric 256 mtu 1500 advmss 1440
\end_layout
\begin_layout Code
-
ff00::/8 proto kernel metric 256 mtu 1500 advmss 1440
\end_layout
\begin_layout Code
-
default proto kernel metric 256 mtu 1500 advmss 1440
\end_layout
@@ -5485,7 +5276,6 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6
\end_layout
@@ -5496,42 +5286,34 @@ Sie sehen hier mehrere IPv6 Routen mit unterschiedlichen Adressen eines
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 |grep -w "eth0"
\end_layout
\begin_layout Code
-
2001:0db8:0:f101 ::/64 :: UA 256 0 0 eth0 <- Interface route for global
\end_layout
\begin_layout Code
-
¬ address
\end_layout
\begin_layout Code
-
fe80::/10 :: UA 256 0 0 eth0 <- Interface route for link-local
\end_layout
\begin_layout Code
-
¬ address
\end_layout
\begin_layout Code
-
ff00::/8 :: UA 256 0 0 eth0 <- Interface route for all multicast
\end_layout
\begin_layout Code
-
¬ addresses
\end_layout
\begin_layout Code
-
::/0 :: UDA 256 0 0 eth0 <- Automatic default route
\end_layout
@@ -5554,12 +5336,10 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route add / via
\end_layout
\begin_layout Code
-
¬ [dev ]
\end_layout
@@ -5568,7 +5348,6 @@ Beispiel:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route add default via 2001:0db8:0:f101::1
\end_layout
@@ -5582,12 +5361,10 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 add / gw
\end_layout
\begin_layout Code
-
¬ [dev ]
\end_layout
@@ -5606,7 +5383,6 @@ Im folgenden Beispiel wird eine Route für alle Adressen (default) über das
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 add default gw 2001:0db8:0:f101::1
\end_layout
@@ -5631,12 +5407,10 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route del / via
\end_layout
\begin_layout Code
-
¬ [dev ]
\end_layout
@@ -5645,7 +5419,6 @@ Beispiel:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route del default via 2001:0db8:0:f101::1
\end_layout
@@ -5659,13 +5432,11 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 del / gw
[dev
\end_layout
\begin_layout Code
-
¬ ]
\end_layout
@@ -5674,7 +5445,6 @@ Beispiel zum entfernen der im obigen Beispiel hinzugefügten Route:
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 del default gw 2001:0db8:0:f101::1
\end_layout
@@ -5698,12 +5468,10 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route add / dev
\end_layout
\begin_layout Code
-
¬ metric 1
\end_layout
@@ -5712,7 +5480,6 @@ Beispiel:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route add default dev eth0 metric 1
\end_layout
@@ -5755,7 +5522,6 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 add / dev
\end_layout
@@ -5764,7 +5530,6 @@ Beispiel:
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 add default dev eth0
\end_layout
@@ -5787,7 +5552,6 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route del / dev
\end_layout
@@ -5796,7 +5560,6 @@ Beispiel:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route del default dev eth0
\end_layout
@@ -5810,7 +5573,6 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 del / dev
\end_layout
@@ -5820,7 +5582,6 @@ Beispiel:
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 del default dev eth0
\end_layout
@@ -5860,17 +5621,14 @@ Ein client kann eine Default Route (z.B.
\end_layout
\begin_layout Code
-
# ip -6 route show | grep ^default
\end_layout
\begin_layout Code
-
default via fe80::212:34ff:fe12:3450 dev eth0 proto kernel metric 1024 expires
\end_layout
\begin_layout Code
-
¬ 29sec mtu 1500 advmss 1440
\end_layout
@@ -5967,7 +5725,6 @@ Mit dem folgenden Befehl können Sie die gelernten oder konfigurierten IPv6
\end_layout
\begin_layout Code
-
# ip -6 neigh show [dev ]
\end_layout
@@ -5976,12 +5733,10 @@ Das folgende Beispiel zeigt einen Nachbar, einen erreichbaren Router:
\end_layout
\begin_layout Code
-
# ip -6 neigh show
\end_layout
\begin_layout Code
-
fe80::201:23ff:fe45:6789 dev eth0 lladdr 00:01:23:45:67:89 router nud reachable
\end_layout
@@ -6006,7 +5761,6 @@ Mit folgendem Befehl können Sie einen Eintrag manuell hinzufügen:
\end_layout
\begin_layout Code
-
# ip -6 neigh add lladdr dev
\end_layout
@@ -6015,7 +5769,6 @@ Beispiel:
\end_layout
\begin_layout Code
-
# ip -6 neigh add fec0::1 lladdr 02:01:02:03:04:05 dev eth0
\end_layout
@@ -6028,7 +5781,6 @@ Sie können einen Eintrag auch löschen:
\end_layout
\begin_layout Code
-
# ip -6 neigh del lladdr dev
\end_layout
@@ -6037,7 +5789,6 @@ Beispiel:
\end_layout
\begin_layout Code
-
# ip -6 neigh del fec0::1 lladdr 02:01:02:03:04:05 dev eth0
\end_layout
@@ -6067,28 +5818,23 @@ help
\end_layout
\begin_layout Code
-
# ip -6 neigh help
\end_layout
\begin_layout Code
-
Usage: ip neigh { add | del | change | replace } { ADDR [ lladdr LLADDR
]
\end_layout
\begin_layout Code
-
[ nud { permanent | noarp | stale | reachable } ]
\end_layout
\begin_layout Code
-
| proxy ADDR } [ dev DEV ]
\end_layout
\begin_layout Code
-
ip neigh {show|flush} [ to PREFIX ] [ dev DEV ] [ nud STATE ]
\end_layout
@@ -6294,27 +6040,22 @@ target "http://www.faqs.org/rfcs/rfc3056.html"
\end_layout
\begin_layout Code
-
| 3+13 | 32 | 16 | 64 bits |
\end_layout
\begin_layout Code
-
+---+------+-----------+--------+--------------------------------+
\end_layout
\begin_layout Code
-
| FP+TLA | V4ADDR | SLA ID | Interface ID |
\end_layout
\begin_layout Code
-
| 0x2002 | | | |
\end_layout
\begin_layout Code
-
+---+------+-----------+--------+--------------------------------+
\end_layout
@@ -6546,7 +6287,6 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 tunnel show []
\end_layout
@@ -6555,17 +6295,14 @@ Beispiel:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 tunnel show
\end_layout
\begin_layout Code
-
sit0: ipv6/ip remote any local any ttl 64 nopmtudisc
\end_layout
\begin_layout Code
-
sit1: ipv6/ip remote 195.226.187.50 local any ttl 64
\end_layout
@@ -6578,7 +6315,6 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6
\end_layout
@@ -6588,7 +6324,6 @@ Beispiel (Ausgabe wurde derart gefiltert, dass nur Tunnels über das virtuelle
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 | grep "
\backslash
Wsit0
@@ -6597,27 +6332,22 @@ W*$"
\end_layout
\begin_layout Code
-
::/96 :: U 256 2 0 sit0
\end_layout
\begin_layout Code
-
2002::/16 :: UA 256 0 0 sit0
\end_layout
\begin_layout Code
-
2000::/3 ::193.113.58.75 UG 1 0 0 sit0
\end_layout
\begin_layout Code
-
fe80::/10 :: UA 256 0 0 sit0
\end_layout
\begin_layout Code
-
ff00::/8 :: UA 256 0 0 sit0
\end_layout
@@ -6695,12 +6425,10 @@ ert 0 ist):
\end_layout
\begin_layout Code
-
# /sbin/ip tunnel add mode sit ttl remote
\end_layout
\begin_layout Code
-
¬ local
\end_layout
@@ -6709,22 +6437,18 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/ip tunnel add sit1 mode sit ttl remote
\end_layout
\begin_layout Code
-
¬ local
\end_layout
\begin_layout Code
-
# /sbin/ip link set dev sit1 up
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route add dev sit1 metric 1
\end_layout
@@ -6733,22 +6457,18 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/ip tunnel add sit2 mode sit ttl
\end_layout
\begin_layout Code
-
¬ local
\end_layout
\begin_layout Code
-
# /sbin/ip link set dev sit2 up
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route add dev sit2 metric 1
\end_layout
@@ -6757,22 +6477,18 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/ip tunnel add sit3 mode sit ttl
\end_layout
\begin_layout Code
-
¬ local
\end_layout
\begin_layout Code
-
# /sbin/ip link set dev sit3 up
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route add dev sit3 metric 1
\end_layout
@@ -6795,7 +6511,6 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit0 up
\end_layout
@@ -6804,17 +6519,14 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit0 tunnel
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit1 up
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 add dev sit1
\end_layout
@@ -6823,17 +6535,14 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit0 tunnel
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit2 up
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 add dev sit2
\end_layout
@@ -6842,17 +6551,14 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit0 tunnel
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit3 up
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 add dev sit3
\end_layout
@@ -6881,7 +6587,6 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit0 up
\end_layout
@@ -6890,32 +6595,26 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 add gw
\end_layout
\begin_layout Code
-
¬ :: dev sit0
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 add gw
\end_layout
\begin_layout Code
-
¬ :: dev sit0
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 add gw
\end_layout
\begin_layout Code
-
¬ :: dev sit0
\end_layout
@@ -6945,7 +6644,6 @@ Entfernen eines Tunnel-Devices:
\end_layout
\begin_layout Code
-
# /sbin/ip tunnel del
\end_layout
@@ -6954,17 +6652,14 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route del dev sit1
\end_layout
\begin_layout Code
-
# /sbin/ip link set sit1 down
\end_layout
\begin_layout Code
-
# /sbin/ip tunnel del sit1
\end_layout
@@ -6973,17 +6668,14 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route del dev sit2
\end_layout
\begin_layout Code
-
# /sbin/ip link set sit2 down
\end_layout
\begin_layout Code
-
# /sbin/ip tunnel del sit2
\end_layout
@@ -6992,17 +6684,14 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route del dev sit3
\end_layout
\begin_layout Code
-
# /sbin/ip link set sit3 down
\end_layout
\begin_layout Code
-
# /sbin/ip tunnel del sit3
\end_layout
@@ -7023,12 +6712,10 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 del dev sit3
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit3 down
\end_layout
@@ -7037,12 +6724,10 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 del dev sit2
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit2 down
\end_layout
@@ -7051,12 +6736,10 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 add dev sit1
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit1 down
\end_layout
@@ -7065,7 +6748,6 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit0 down
\end_layout
@@ -7087,32 +6769,26 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 del gw
\end_layout
\begin_layout Code
-
¬ :: dev sit0
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 del gw
\end_layout
\begin_layout Code
-
¬ :: dev sit0
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 del gw
\end_layout
\begin_layout Code
-
¬ :: dev sit0
\end_layout
@@ -7121,7 +6797,6 @@ Anwendung (drei allgemeine Beispiele):
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit0 down
\end_layout
@@ -7182,7 +6857,6 @@ Angenommen, Ihre IPv4 Adresse ist:
\end_layout
\begin_layout Code
-
1.2.3.4
\end_layout
@@ -7191,7 +6865,6 @@ Dann ist das daraus resultierende 6to4 Präfix:
\end_layout
\begin_layout Code
-
2002:0102:0304::
\end_layout
@@ -7210,7 +6883,6 @@ pe Suffix kann benutzt werden) das Suffix
\end_layout
\begin_layout Code
-
2002:0102:0304::1
\end_layout
@@ -7219,7 +6891,6 @@ Zum automatischen Erstellen der Adresse können Sie folgenden Befehl nutzen:
\end_layout
\begin_layout Code
-
ipv4="1.2.3.4"; printf "2002:%02x%02x:%02x%02x::1" `echo $ipv4 | tr "." " "`
\end_layout
@@ -7241,12 +6912,10 @@ Erstellen eines neues Tunnel-Device:
\end_layout
\begin_layout Code
-
# /sbin/ip tunnel add tun6to4 mode sit ttl remote any local
\end_layout
\begin_layout Code
-
¬
\end_layout
@@ -7255,7 +6924,6 @@ Interface aktivieren:
\end_layout
\begin_layout Code
-
# /sbin/ip link set dev tun6to4 up
\end_layout
@@ -7265,7 +6933,6 @@ Eine lokale 6to4 Adresse am Interface hinzufügen (Hinweis: Präfix-Länge
\end_layout
\begin_layout Code
-
# /sbin/ip -6 addr add /16 dev tun6to4
\end_layout
@@ -7275,7 +6942,6 @@ Hinzufügen der (Standard-) Route zum globalen IPv6 Netz unter Verwendung
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route add default via ::192.88.99.1 dev tun6to4 metric 1
\end_layout
@@ -7296,7 +6962,6 @@ ip
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route add default via 2002:c058:6301::1 dev tun6to4 metric
1
\end_layout
@@ -7316,7 +6981,6 @@ Das allgemeine Tunnel Interface sit0 aktivieren:
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit0 up
\end_layout
@@ -7325,7 +6989,6 @@ Dem Interface eine lokale 6to4 Adresse hinzufügen:
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit0 add /16
\end_layout
@@ -7335,7 +6998,6 @@ Hinzufügen der (Standard-) Route zum globalen IPv6 Netz unter Verwendung
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 add default gw ::192.88.99.1 dev sit0
\end_layout
@@ -7352,7 +7014,6 @@ Entfernen aller Routen über dieses bestimmten Tunnel Devices:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route flush dev tun6to4
\end_layout
@@ -7361,7 +7022,6 @@ Interface deaktivieren:
\end_layout
\begin_layout Code
-
# /sbin/ip link set dev tun6to4 down
\end_layout
@@ -7370,7 +7030,6 @@ Ein erstelltes Tunnel Device entfernen:
\end_layout
\begin_layout Code
-
# /sbin/ip tunnel del tun6to4
\end_layout
@@ -7384,7 +7043,6 @@ Entfernen der (Standard-) Route über ein 6to4 Tunnel Device:
\end_layout
\begin_layout Code
-
# /sbin/route -A inet6 del default gw ::192.88.99.1 dev sit0
\end_layout
@@ -7393,7 +7051,6 @@ Eine 6to4 Adresse des Interfaces entfernen:
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit0 del /16
\end_layout
@@ -7403,7 +7060,6 @@ Ein allgemeines Tunnel Device deaktivieren (aber Achtung, eventuell ist
\end_layout
\begin_layout Code
-
# /sbin/ifconfig sit0 down
\end_layout
@@ -7451,7 +7107,6 @@ Anwendung:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 tunnel show []
\end_layout
@@ -7462,18 +7117,15 @@ Beispiel:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 tunnel show mode any
\end_layout
\begin_layout Code
-
ip6tnl0: ipv6/ipv6 remote :: local :: encaplimit 0 hoplimit 0 tclass 0x00
flowlabel 0x00000 (flowinfo 0x00000000)
\end_layout
\begin_layout Code
-
ip6tnl1: ip/ipv6 remote fd00:0:0:2::a local fd00:0:0:2::1 dev eth1 encaplimit
4 hoplimit 64 tclass 0x00 flowlabel 0x00000 (flowinfo 0x00000000)
\end_layout
@@ -7499,7 +7151,6 @@ Anwendung für die Erzeugung einer 4over6 Tunnel-Schnittstelle (welche danach
\end_layout
\begin_layout Code
-
# /sbin/ip tunnel add mode ip4ip6 remote
local
\end_layout
@@ -7511,18 +7162,15 @@ Anwendung (allgemeines Beispiel für drei Tunnels):
\end_layout
\begin_layout Code
-
# /sbin/ip -6 tunnel add ip6tnl1 mode ip4ip6 remote local
\end_layout
\begin_layout Code
-
# /sbin/ip link set dev ip6tnl1 up
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route add dev ip6tnl1 metric 1
\end_layout
@@ -7531,18 +7179,15 @@ Anwendung (allgemeines Beispiel für drei Tunnels):
\end_layout
\begin_layout Code
-
# /sbin/ip -6 tunnel add ip6tnl2 mode ip4ip6 remote local
\end_layout
\begin_layout Code
-
# /sbin/ip link set dev ip6tnl2 up
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route add dev ip6tnl2 metric 1
\end_layout
@@ -7551,18 +7196,15 @@ Anwendung (allgemeines Beispiel für drei Tunnels):
\end_layout
\begin_layout Code
-
# /sbin/ip -6 tunnel add ip6tnl3 mode ip4ip6 remote local
\end_layout
\begin_layout Code
-
# /sbin/ip link set dev ip6tnl3 up
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route add dev ip6tnl3 metric 1
\end_layout
@@ -7579,7 +7221,6 @@ Anwendung für das Löschen einer Tunnel-Schnittstelle:
\end_layout
\begin_layout Code
-
# /sbin/ip -6 tunnel del
\end_layout
@@ -7590,17 +7231,14 @@ Anwendung (allgemeines Beispiel für drei Tunnels):
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route del dev ip6tnl1
\end_layout
\begin_layout Code
-
# /sbin/ip link set ip6tnl1 down
\end_layout
\begin_layout Code
-
# /sbin/ip -6 tunnel del ip6tnl1
\end_layout
@@ -7609,17 +7247,14 @@ Anwendung (allgemeines Beispiel für drei Tunnels):
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route del dev ip6tnl2
\end_layout
\begin_layout Code
-
# /sbin/ip link set ip6tnl2 down
\end_layout
\begin_layout Code
-
# /sbin/ip -6 tunnel del ip6tnl2
\end_layout
@@ -7628,17 +7263,14 @@ Anwendung (allgemeines Beispiel für drei Tunnels):
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route del dev ip6tnl3
\end_layout
\begin_layout Code
-
# /sbin/ip link set ip6tnl3 down
\end_layout
\begin_layout Code
-
# /sbin/ip -6 tunnel del ip6tnl3
\end_layout
@@ -7718,7 +7350,6 @@ Das /proc-Dateisystem muss im Kernel aktiviert sein.
\end_layout
\begin_layout Code
-
CONFIG_PROC_FS=y
\end_layout
@@ -7728,12 +7359,10 @@ Das /proc-Dateisystem muss zuerst gemountet sein.
\end_layout
\begin_layout Code
-
# mount | grep "type proc"
\end_layout
\begin_layout Code
-
none on /proc type proc (rw)
\end_layout
@@ -7765,12 +7394,10 @@ cat
\end_layout
\begin_layout Code
-
# cat /proc/sys/net/ipv6/conf/all/forwarding
\end_layout
\begin_layout Code
-
0
\end_layout
@@ -7792,7 +7419,6 @@ echo
\end_layout
\begin_layout Code
-
# echo "1" >/proc/sys/net/ipv6/conf/all/forwarding
\end_layout
@@ -7841,7 +7467,6 @@ Das sysctl-Interface muss im Kernel aktiviert sein.
\end_layout
\begin_layout Code
-
CONFIG_SYSCTL=y
\end_layout
@@ -7854,12 +7479,10 @@ Der Wert eines Eintrags kann nun angezeigt werden:
\end_layout
\begin_layout Code
-
# sysctl net.ipv6.conf.all.forwarding
\end_layout
\begin_layout Code
-
net.ipv6.conf.all.forwarding = 0
\end_layout
@@ -7873,12 +7496,10 @@ Ein neuer Wert kann wie folgt zugewiesen werden (wenn der Eintrag beschreibbar
\end_layout
\begin_layout Code
-
# sysctl -w net.ipv6.conf.all.forwarding=1
\end_layout
\begin_layout Code
-
net.ipv6.conf.all.forwarding = 1
\end_layout
@@ -7898,12 +7519,10 @@ Anmerkung: Verwenden Sie beim setzen eines Wertes keine Leerzeichen vor
\end_layout
\begin_layout Code
-
# sysctl -w net.ipv4.ip_local_port_range="32768 61000"
\end_layout
\begin_layout Code
-
net.ipv4.ip_local_port_range = 32768 61000
\end_layout
@@ -8386,12 +8005,10 @@ target "http://www.zebra.org/"
\end_layout
\begin_layout Code
-
ZEBRA: netlink-listen error: No buffer space available, type=RTM_NEWROUTE(24),
\end_layout
\begin_layout Code
-
¬ seq=426, pid=0
\end_layout
@@ -8867,27 +8484,22 @@ net/ipv6/addrconf.c
\end_layout
\begin_layout Code
-
# cat /proc/net/if_inet6
\end_layout
\begin_layout Code
-
00000000000000000000000000000001 01 80 10 80 lo
\end_layout
\begin_layout Code
-
+------------------------------+ ++ ++ ++ ++ ++
\end_layout
\begin_layout Code
-
| | | | | |
\end_layout
\begin_layout Code
-
1 2 3 4 5 6
\end_layout
@@ -8981,27 +8593,22 @@ net/ipv6/route.c
\end_layout
\begin_layout Code
-
# cat /proc/net/ipv6_route
\end_layout
\begin_layout Code
-
00000000000000000000000000000000 00 00000000000000000000000000000000 00
\end_layout
\begin_layout Code
-
+------------------------------+ ++ +------------------------------+ ++
\end_layout
\begin_layout Code
-
| | | |
\end_layout
\begin_layout Code
-
1 2 3 4
\end_layout
@@ -9010,22 +8617,18 @@ net/ipv6/route.c
\end_layout
\begin_layout Code
-
¬ 00000000000000000000000000000000 ffffffff 00000001 00000001 00200200 lo
\end_layout
\begin_layout Code
-
¬ +------------------------------+ +------+ +------+ +------+ +------+ ++
\end_layout
\begin_layout Code
-
¬ | | | | | |
\end_layout
\begin_layout Code
-
¬ 5 6 7 8 9 10
\end_layout
@@ -9085,27 +8688,22 @@ Statistiken über verwendete IPv6 Sockets.
\end_layout
\begin_layout Code
-
# cat /proc/net/sockstat6
\end_layout
\begin_layout Code
-
TCP6: inuse 7
\end_layout
\begin_layout Code
-
UDP6: inuse 2
\end_layout
\begin_layout Code
-
RAW6: inuse 1
\end_layout
\begin_layout Code
-
FRAG6: inuse 0 memory 0
\end_layout
@@ -9299,375 +8897,307 @@ Beispiel:
\end_layout
\begin_layout Code
-
# netstat -nlptu
\end_layout
\begin_layout Code
-
Active Internet connections (only servers)
\end_layout
\begin_layout Code
-
Proto Recv-Q Send-Q Local Address Foreign Address State
\end_layout
\begin_layout Code
-
¬ PID/Program name
\end_layout
\begin_layout Code
-
tcp 0 0 0.0.0.0:32768 0.0.0.0:* LISTEN
\end_layout
\begin_layout Code
-
¬ 1258/rpc.statd
\end_layout
\begin_layout Code
-
tcp 0 0 0.0.0.0:32769 0.0.0.0:* LISTEN
\end_layout
\begin_layout Code
-
¬ 1502/rpc.mountd
\end_layout
\begin_layout Code
-
tcp 0 0 0.0.0.0:515 0.0.0.0:* LISTEN
\end_layout
\begin_layout Code
-
¬ 22433/lpd Waiting
\end_layout
\begin_layout Code
-
tcp 0 0 1.2.3.1:139 0.0.0.0:* LISTEN
\end_layout
\begin_layout Code
-
¬ 1746/smbd
\end_layout
\begin_layout Code
-
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
\end_layout
\begin_layout Code
-
¬ 1230/portmap
\end_layout
\begin_layout Code
-
tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN
\end_layout
\begin_layout Code
-
¬ 3551/X
\end_layout
\begin_layout Code
-
tcp 0 0 1.2.3.1:8081 0.0.0.0:* LISTEN
\end_layout
\begin_layout Code
-
¬ 18735/junkbuster
\end_layout
\begin_layout Code
-
tcp 0 0 1.2.3.1:3128 0.0.0.0:* LISTEN
\end_layout
\begin_layout Code
-
¬ 18822/(squid)
\end_layout
\begin_layout Code
-
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN
\end_layout
\begin_layout Code
-
¬ 30734/named
\end_layout
\begin_layout Code
-
tcp 0 0 ::ffff:1.2.3.1:993 :::* LISTEN
\end_layout
\begin_layout Code
-
¬ 6742/xinetd-ipv6
\end_layout
\begin_layout Code
-
tcp 0 0 :::13 :::* LISTEN
\end_layout
\begin_layout Code
-
¬ 6742/xinetd-ipv6
\end_layout
\begin_layout Code
-
tcp 0 0 ::ffff:1.2.3.1:143 :::* LISTEN
\end_layout
\begin_layout Code
-
¬ 6742/xinetd-ipv6
\end_layout
\begin_layout Code
-
tcp 0 0 :::53 :::* LISTEN
\end_layout
\begin_layout Code
-
¬ 30734/named
\end_layout
\begin_layout Code
-
tcp 0 0 :::22 :::* LISTEN
\end_layout
\begin_layout Code
-
¬ 1410/sshd
\end_layout
\begin_layout Code
-
tcp 0 0 :::6010 :::* LISTEN
\end_layout
\begin_layout Code
-
¬ 13237/sshd
\end_layout
\begin_layout Code
-
udp 0 0 0.0.0.0:32768 0.0.0.0:*
\end_layout
\begin_layout Code
-
¬ 1258/rpc.statd
\end_layout
\begin_layout Code
-
udp 0 0 0.0.0.0:2049 0.0.0.0:*
\end_layout
\begin_layout Code
-
¬ -
\end_layout
\begin_layout Code
-
udp 0 0 0.0.0.0:32770 0.0.0.0:*
\end_layout
\begin_layout Code
-
¬ 1502/rpc.mountd
\end_layout
\begin_layout Code
-
udp 0 0 0.0.0.0:32771 0.0.0.0:*
\end_layout
\begin_layout Code
-
¬ -
\end_layout
\begin_layout Code
-
udp 0 0 1.2.3.1:137 0.0.0.0:*
\end_layout
\begin_layout Code
-
¬ 1751/nmbd
\end_layout
\begin_layout Code
-
udp 0 0 0.0.0.0:137 0.0.0.0:*
\end_layout
\begin_layout Code
-
¬ 1751/nmbd
\end_layout
\begin_layout Code
-
udp 0 0 1.2.3.1:138 0.0.0.0:*
\end_layout
\begin_layout Code
-
¬ 1751/nmbd
\end_layout
\begin_layout Code
-
udp 0 0 0.0.0.0:138 0.0.0.0:*
\end_layout
\begin_layout Code
-
¬ 1751/nmbd
\end_layout
\begin_layout Code
-
udp 0 0 0.0.0.0:33044 0.0.0.0:*
\end_layout
\begin_layout Code
-
¬ 30734/named
\end_layout
\begin_layout Code
-
udp 0 0 1.2.3.1:53 0.0.0.0:*
\end_layout
\begin_layout Code
-
¬ 30734/named
\end_layout
\begin_layout Code
-
udp 0 0 127.0.0.1:53 0.0.0.0:*
\end_layout
\begin_layout Code
-
¬ 30734/named
\end_layout
\begin_layout Code
-
udp 0 0 0.0.0.0:67 0.0.0.0:*
\end_layout
\begin_layout Code
-
¬ 1530/dhcpd
\end_layout
\begin_layout Code
-
udp 0 0 0.0.0.0:67 0.0.0.0:*
\end_layout
\begin_layout Code
-
¬ 1530/dhcpd
\end_layout
\begin_layout Code
-
udp 0 0 0.0.0.0:32858 0.0.0.0:*
\end_layout
\begin_layout Code
-
¬ 18822/(squid)
\end_layout
\begin_layout Code
-
udp 0 0 0.0.0.0:4827 0.0.0.0:*
\end_layout
\begin_layout Code
-
¬ 18822/(squid)
\end_layout
\begin_layout Code
-
udp 0 0 0.0.0.0:111 0.0.0.0:*
\end_layout
\begin_layout Code
-
¬ 1230/portmap
\end_layout
\begin_layout Code
-
udp 0 0 :::53 :::*
\end_layout
\begin_layout Code
-
¬ 30734/named
\end_layout
@@ -9700,32 +9230,26 @@ Router Advertisement
\end_layout
\begin_layout Code
-
15:43:49.484751 fe80::212:34ff:fe12:3450 > ff02::1: icmp6: router
\end_layout
\begin_layout Code
-
¬ advertisement(chlim=64, router_ltime=30, reachable_time=0,
\end_layout
\begin_layout Code
-
¬ retrans_time=0)(prefix info: AR valid_ltime=30, preffered_ltime=20,
\end_layout
\begin_layout Code
-
¬ prefix=2002:0102:0304:1::/64)(prefix info: LAR valid_ltime=2592000,
\end_layout
\begin_layout Code
-
¬ preffered_ltime=604800, prefix=2001:0db8:0:1::/64)(src lladdr:
\end_layout
\begin_layout Code
-
¬ 0:12:34:12:34:50) (len 88, hlim 255)
\end_layout
@@ -9778,12 +9302,10 @@ Router Anfrage
\end_layout
\begin_layout Code
-
15:44:21.152646 fe80::212:34ff:fe12:3456 > ff02::2: icmp6: router solicitation
\end_layout
\begin_layout Code
-
¬ (src lladdr: 0:12:34:12:34:56) (len 16, hlim 255)
\end_layout
@@ -9852,12 +9374,10 @@ fe80:212:34ff:fe12:3456
\end_layout
\begin_layout Code
-
15:44:17.712338 :: > ff02::1:ff12:3456: icmp6: neighbor sol: who has
\end_layout
\begin_layout Code
-
¬ fe80::212:34ff:fe12:3456(src lladdr: 0:12:34:12:34:56) (len 32, hlim 255)
\end_layout
@@ -9875,18 +9395,15 @@ Der Knoten will seine globale Adresse
\end_layout
\begin_layout Code
-
15:44:21.905596 :: > ff02::1:ff12:3456: icmp6: neighbor sol: who has
\end_layout
\begin_layout Code
-
¬ 2002:0102:0304:1:212:34ff:fe12:3456(src lladdr: 0:12:34:12:34:56) (len
32,
\end_layout
\begin_layout Code
-
¬ hlim 255)
\end_layout
@@ -9904,18 +9421,15 @@ Der Knoten will seine globale Adresse
\end_layout
\begin_layout Code
-
15:44:22.304028 :: > ff02::1:ff12:3456: icmp6: neighbor sol: who has
\end_layout
\begin_layout Code
-
¬ 2001:0db8:0:1:212:34ff:fe12:3456(src lladdr: 0:12:34:12:34:56) (len 32,
hlim
\end_layout
\begin_layout Code
-
¬ 255)
\end_layout
@@ -9937,18 +9451,15 @@ Der Knoten möchte Pakete an die Adresse
\end_layout
\begin_layout Code
-
13:07:47.664538 2002:0102:0304:1:2e0:18ff:fe90:9205 > ff02::1:ff00:10: icmp6:
\end_layout
\begin_layout Code
-
¬ neighbor sol: who has 2001:0db8:0:1::10(src lladdr: 0:e0:18:90:92:5) (len
32,
\end_layout
\begin_layout Code
-
¬ hlim 255)
\end_layout
@@ -9965,12 +9476,10 @@ fe80::10
\end_layout
\begin_layout Code
-
13:11:20.870070 fe80::2e0:18ff:fe90:9205 > ff02::1:ff00:10: icmp6: neighbor
\end_layout
\begin_layout Code
-
¬ sol: who has fe80::10(src lladdr: 0:e0:18:90:92:5) (len 32, hlim 255)
\end_layout
@@ -10098,7 +9607,6 @@ Sie können überprüfen, ob Ihre Distribution eine permanente IPv6 Konfiguratio
\end_layout
\begin_layout Code
-
/etc/sysconfig/network-scripts/network-functions-ipv6
\end_layout
@@ -10107,13 +9615,11 @@ Automatischer Test:
\end_layout
\begin_layout Code
-
# test -f /etc/sysconfig/network-scripts/network-functions-ipv6 && echo
"Main
\end_layout
\begin_layout Code
-
¬ IPv6 script library exists"
\end_layout
@@ -10125,17 +9631,14 @@ Die Versionsnummer der Library ist von Interesse, wenn Sie Features vermissen
\end_layout
\begin_layout Code
-
# source /etc/sysconfig/network-scripts/network-functions-ipv6 &&
\end_layout
\begin_layout Code
-
¬ getversion_ipv6_functions
\end_layout
\begin_layout Code
-
20011124
\end_layout
@@ -10179,12 +9682,10 @@ Kurze Anleitung zum aktivieren von IPv6 bei RHL 7.1, 7.2, 7.3, ...
\end_layout
\begin_layout Code
-
# modprobe -c | grep net-pf-10
\end_layout
\begin_layout Code
-
alias net-pf-10 off
\end_layout
@@ -10202,7 +9703,6 @@ twork
\end_layout
\begin_layout Code
-
NETWORKING_IPV6=yes
\end_layout
@@ -10212,7 +9712,6 @@ Rebooten bzw.
\end_layout
\begin_layout Code
-
# service network restart
\end_layout
@@ -10221,12 +9720,10 @@ Nun sollte das IPv6 Modul geladen sein
\end_layout
\begin_layout Code
-
# modprobe -c | grep ipv6
\end_layout
\begin_layout Code
-
alias net-pf-10 ipv6
\end_layout
@@ -10295,7 +9792,6 @@ Editiere Datei /etc/sysconfig/network/ifcfg- und setze folgende
\end_layout
\begin_layout Code
-
IP6ADDR="/"
\end_layout
@@ -10331,7 +9827,6 @@ Editiere Datei /etc/sysconfig/network/ifcfg- und setze folgende
\end_layout
\begin_layout Code
-
IPADDR="/"
\end_layout
@@ -10386,54 +9881,44 @@ Konfiguriere die Schnittstelle (hier im Beispiel: eth0).
\end_layout
\begin_layout Code
-
iface eth0 inet6 static
\end_layout
\begin_layout Code
-
pre-up modprobe ipv6
\end_layout
\begin_layout Code
-
address 2001:0db8:1234:5::1:1
\end_layout
\begin_layout Code
-
# To suppress completely autoconfiguration:
\end_layout
\begin_layout Code
-
# up echo 0 > /proc/sys/net/ipv6/conf/all/autoconf
\end_layout
\begin_layout Code
-
netmask 64
\end_layout
\begin_layout Code
-
# The router is autoconfigured and has no fixed address.
\end_layout
\begin_layout Code
-
# It is magically
\end_layout
\begin_layout Code
-
# found.
(/proc/sys/net/ipv6/conf/all/accept_ra).
Otherwise:
\end_layout
\begin_layout Code
-
#gateway 2001:0db8:1234:5::1
\end_layout
@@ -10444,7 +9929,6 @@ Danach rebooten oder folgendes Kommando ausführen
\end_layout
\begin_layout Code
-
# ifup --force eth0
\end_layout
@@ -10521,22 +10005,18 @@ Beispiel:
\end_layout
\begin_layout Code
-
# ip -6 addr show dev eth0 scope link
\end_layout
\begin_layout Code
-
2: eth0: mtu 1500 qlen1000
\end_layout
\begin_layout Code
-
inet6 fe80::211:d8ff:fe6b:f0f5/64 scope link
\end_layout
\begin_layout Code
-
valid_lft forever preferred_lft forever
\end_layout
@@ -11112,7 +10592,6 @@ Wechseln Sie in das Source-Verzeichnis:
\end_layout
\begin_layout Code
-
# cd /path/to/src
\end_layout
@@ -11121,12 +10600,10 @@ Entpacken sie die Kernel-Quellen und vergeben diesen einen neuen Namen
\end_layout
\begin_layout Code
-
# tar z|jxf kernel-version.tar.gz|bz2
\end_layout
\begin_layout Code
-
# mv linux linux-version-iptables-version+IPv6
\end_layout
@@ -11135,7 +10612,6 @@ Entpacken Sie die iptables Quellen
\end_layout
\begin_layout Code
-
# tar z|jxf iptables-version.tar.gz|bz2
\end_layout
@@ -11148,7 +10624,6 @@ Wechseln Sie in das iptables Verzeichnis
\end_layout
\begin_layout Code
-
# cd iptables-version
\end_layout
@@ -11157,7 +10632,6 @@ Fügen Sie relevante Patches hinzu
\end_layout
\begin_layout Code
-
# make pending-patches KERNEL_DIR=/path/to/src/linux-version-iptables-version/
\end_layout
@@ -11168,7 +10642,6 @@ Fügen Sie zusätzliche IPv6 relevante IPv6 Patches hinzu (die nach wie vor
\end_layout
\begin_layout Code
-
# make patch-o-matic KERNEL_DIR=/path/to/src/linux-version-iptables-version/
\end_layout
@@ -11207,12 +10680,10 @@ REJECT.patch.ipv6
\end_layout
\begin_layout Code
-
# make print-extensions
\end_layout
\begin_layout Code
-
Extensions found: IPv6:owner IPv6:limit IPv6:mac IPv6:multiport
\end_layout
@@ -11225,7 +10696,6 @@ Wechseln Sie zu den Kernel-Quellen
\end_layout
\begin_layout Code
-
# cd /path/to/src/linux-version-iptables-version/
\end_layout
@@ -11234,12 +10704,10 @@ Editieren Sie das Makefile
\end_layout
\begin_layout Code
-
- EXTRAVERSION =
\end_layout
\begin_layout Code
-
+ EXTRAVERSION = -iptables-version+IPv6-try
\end_layout
@@ -11248,99 +10716,80 @@ Starten Sie configure und aktivieren Sie IPv6 relevante Optionen
\end_layout
\begin_layout Code
-
Code maturity level options
\end_layout
\begin_layout Code
-
Prompt for development and/or incomplete code/drivers
: yes
\end_layout
\begin_layout Code
-
Networking options
\end_layout
\begin_layout Code
-
Network packet filtering: yes
\end_layout
\begin_layout Code
-
The IPv6 protocol: module
\end_layout
\begin_layout Code
-
IPv6: Netfilter Configuration
\end_layout
\begin_layout Code
-
IP6 tables support: module
\end_layout
\begin_layout Code
-
All new options like following:
\end_layout
\begin_layout Code
-
limit match support: module
\end_layout
\begin_layout Code
-
MAC address match support: module
\end_layout
\begin_layout Code
-
Multiple port match support: module
\end_layout
\begin_layout Code
-
Owner match support: module
\end_layout
\begin_layout Code
-
netfilter MARK match support: module
\end_layout
\begin_layout Code
-
Aggregated address check: module
\end_layout
\begin_layout Code
-
Packet filtering: module
\end_layout
\begin_layout Code
-
REJECT target support: module
\end_layout
\begin_layout Code
-
LOG target support: module
\end_layout
\begin_layout Code
-
Packet mangling: module
\end_layout
\begin_layout Code
-
MARK target support: module
\end_layout
@@ -11366,7 +10815,6 @@ Benennen sie das ältere Verzeichnis um
\end_layout
\begin_layout Code
-
# mv /usr/src/linux /usr/src/linux.old
\end_layout
@@ -11375,7 +10823,6 @@ Erstellen Sie einen neuen symbolischen Link
\end_layout
\begin_layout Code
-
# ln -s /path/to/src/linux-version-iptables-version /usr/src/linux
\end_layout
@@ -11384,7 +10831,6 @@ Erstellen Sie ein neues SRPMS
\end_layout
\begin_layout Code
-
# rpm --rebuild /path/to/SRPMS/iptables-version-release.src.rpm
\end_layout
@@ -11406,7 +10852,6 @@ Freshen
\end_layout
\begin_layout Code
-
# rpm -Fhv /path/to/RPMS/cpu/iptables*-version-release.cpu.rpm
\end_layout
@@ -11423,7 +10868,6 @@ install
\end_layout
\begin_layout Code
-
# rpm -ihv /path/to/RPMS/cpu/iptables*-version-release.cpu.rpm
\end_layout
@@ -11442,7 +10886,6 @@ nodeps
\end_layout
\begin_layout Code
-
# rpm -ihv --nodeps /path/to/RPMS/cpu/iptables*-version-release.cpu.rpm
\end_layout
@@ -11452,7 +10895,6 @@ Damit iptables die Libraries finden kann, ist es eventuell notwendig, einen
\end_layout
\begin_layout Code
-
# ln -s /lib/iptables/ /usr/lib/iptables
\end_layout
@@ -11469,7 +10911,6 @@ Laden Sie das Modul (falls dies im Kernel so kompiliert wurde):
\end_layout
\begin_layout Code
-
# modprobe ip6_tables
\end_layout
@@ -11478,12 +10919,10 @@ Laden Sie das Modul (falls dies im Kernel so kompiliert wurde):
\end_layout
\begin_layout Code
-
# [ ! -f /proc/net/ip6_tables_names ] && echo "Current kernel doesn't support
\end_layout
\begin_layout Code
-
¬ 'ip6tables' firewalling (IPv6)!"
\end_layout
@@ -11500,7 +10939,6 @@ Kurze Auflistung:
\end_layout
\begin_layout Code
-
# ip6tables -L
\end_layout
@@ -11509,7 +10947,6 @@ Erweiterte Auflistung:
\end_layout
\begin_layout Code
-
# ip6tables -n -v --line-numbers -L
\end_layout
@@ -11518,7 +10955,6 @@ Auflistung angegebener Filter
\end_layout
\begin_layout Code
-
# ip6tables -n -v --line-numbers -L INPUT
\end_layout
@@ -11527,12 +10963,10 @@ Hinzufügen einer Log-Regel zum Input-Filter mit Optionen
\end_layout
\begin_layout Code
-
# ip6tables --table filter --append INPUT -j LOG --log-prefix "INPUT:"
\end_layout
\begin_layout Code
-
¬ --log-level 7
\end_layout
@@ -11541,7 +10975,6 @@ Hinzufügen einer Drop-Regel zum Input-Filter
\end_layout
\begin_layout Code
-
# ip6tables --table filter --append INPUT -j DROP
\end_layout
@@ -11550,7 +10983,6 @@ Löschen einer Regel mit Hilfe der Regelnummer
\end_layout
\begin_layout Code
-
# ip6tables --table filter --delete INPUT 1
\end_layout
@@ -11569,7 +11001,6 @@ Seit Kernel-Version 2.6.20 ist die Auswertung des IPv6-Verbindungsstatus gut
\end_layout
\begin_layout Code
-
# ip6tables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
\end_layout
@@ -11587,7 +11018,6 @@ Eingehender ICMPv6 Verkehr durch Tunnel erlauben
\end_layout
\begin_layout Code
-
# ip6tables -A INPUT -i sit+ -p icmpv6 -j ACCEPT
\end_layout
@@ -11596,7 +11026,6 @@ Ausgehenden ICMPv6 Verkehr durch Tunnel erlauben
\end_layout
\begin_layout Code
-
# ip6tables -A OUTPUT -o sit+ -p icmpv6 -j ACCEPT
\end_layout
@@ -11605,7 +11034,6 @@ Neuere Kernel erlauben das Spezifizieren des ICMPv6-Typs:
\end_layout
\begin_layout Code
-
# ip6tables -A INPUT -p icmpv6 --icmpv6-type echo-request -j ACCEPT
\end_layout
@@ -11624,12 +11052,10 @@ n Patitionen entgegenzuwirken.
\end_layout
\begin_layout Code
-
# ip6tables -A INPUT --protocol icmpv6 --icmpv6-type echo-request
\end_layout
\begin_layout Code
-
¬ -j ACCEPT --match limit --limit 30/minute
\end_layout
@@ -11648,12 +11074,10 @@ Eingehende SSH Verbindungen werden von der Adresse 2001:0db8:100::1/128
\end_layout
\begin_layout Code
-
# ip6tables -A INPUT -i sit+ -p tcp -s 2001:0db8:100::1/128 --sport 512:65535
\end_layout
\begin_layout Code
-
¬ --dport 22 -j ACCEPT
\end_layout
@@ -11668,12 +11092,10 @@ nicht mehr notwendig, wenn der IPv6-Verbindungsstatus ausgewertet wird!
\end_layout
\begin_layout Code
-
# ip6tables -A OUTPUT -o sit+ -p tcp -d 2001:0db8:100::1/128 --dport 512:65535
\end_layout
\begin_layout Code
-
¬ --sport 22 ! --syn -j ACCEPT
\end_layout
@@ -11691,7 +11113,6 @@ Akzeptiere eingehende IPv6-in-IPv4 Daten am interface ppp0
\end_layout
\begin_layout Code
-
# iptables -A INPUT -i ppp0 -p ipv6 -j ACCEPT
\end_layout
@@ -11700,7 +11121,6 @@ Akzeptiere ausgehende IPv6-in-IPv4 Daten am interface ppp0
\end_layout
\begin_layout Code
-
# iptables -A OUTPUT -o ppp0 -p ipv6 -j ACCEPT
\end_layout
@@ -11715,7 +11135,6 @@ Akzeptiere eingehende IPv6-in-IPv4 Daten vom Tunnel-Endpunkt 192.0.2.2 am interf
\end_layout
\begin_layout Code
-
# iptables -A INPUT -i ppp0 -p ipv6 -s 192.0.2.2 -j ACCEPT
\end_layout
@@ -11725,7 +11144,6 @@ Akzeptiere ausgehende IPv6-in-IPv4 Daten vom Tunnel-Endpunkt 192.0.2.2 am interf
\end_layout
\begin_layout Code
-
# iptables -A OUTPUT -o ppp0 -p ipv6 -d 192.0.2.2 -j ACCEPT
\end_layout
@@ -11749,7 +11167,6 @@ Blockiere eingehende TCP-Verbindungs-Anfragen zu diesem Host
\end_layout
\begin_layout Code
-
# ip6tables -I INPUT -i sit+ -p tcp --syn -j DROP
\end_layout
@@ -11758,7 +11175,6 @@ Blockiere eingehende TCP-Verbindungs-Anfragen zu Hosts hinter diesem Router
\end_layout
\begin_layout Code
-
# ip6tables -I FORWARD -i sit+ -p tcp --syn -j DROP
\end_layout
@@ -11791,7 +11207,6 @@ Blockiere eingehende UDP-Pakete, die nicht Antworten ausgehender Anfragen
\end_layout
\begin_layout Code
-
# ip6tables -I INPUT -i sit+ -p udp ! --dport 32768:60999 -j DROP
\end_layout
@@ -11801,7 +11216,6 @@ Blockiere eingehende UDP-Pakete, die nicht Antworten auf Anfragen von hinter
\end_layout
\begin_layout Code
-
# ip6tables -I FORWARD -i sit+ -p udp ! --dport 32768:60999 -j DROP
\end_layout
@@ -11830,7 +11244,6 @@ system-config-firewall
\end_layout
\begin_layout Code
-
Datei: /etc/sysconfig/ip6tables
\end_layout
@@ -11839,87 +11252,70 @@ Datei: /etc/sysconfig/ip6tables
\end_layout
\begin_layout Code
-
*filter :INPUT ACCEPT [0:0]
\end_layout
\begin_layout Code
-
:FORWARD ACCEPT [0:0]
\end_layout
\begin_layout Code
-
:OUTPUT ACCEPT [0:0]
\end_layout
\begin_layout Code
-
:RH-Firewall-1-INPUT - [0:0]
\end_layout
\begin_layout Code
-
-A INPUT -j RH-Firewall-1-INPUT
\end_layout
\begin_layout Code
-
-A FORWARD -j RH-Firewall-1-INPUT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -p icmpv6 -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d ff02::fb -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 22 -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp6-adm-prohibited
\end_layout
\begin_layout Code
-
COMMIT
\end_layout
@@ -11931,7 +11327,6 @@ Zwecks der Vollständigkeit ist hier auch die entsprechende Konfiguration
\end_layout
\begin_layout Code
-
Datei: /etc/sysconfig/iptables
\end_layout
@@ -11940,88 +11335,71 @@ Datei: /etc/sysconfig/iptables
\end_layout
\begin_layout Code
-
*filter :INPUT ACCEPT [0:0]
\end_layout
\begin_layout Code
-
:FORWARD ACCEPT [0:0]
\end_layout
\begin_layout Code
-
:OUTPUT ACCEPT [0:0]
\end_layout
\begin_layout Code
-
:RH-Firewall-1-INPUT - [0:0]
\end_layout
\begin_layout Code
-
-A INPUT -j RH-Firewall-1-INPUT
\end_layout
\begin_layout Code
-
-A FORWARD -j RH-Firewall-1-INPUT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j
ACCEPT
\end_layout
\begin_layout Code
-
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
\end_layout
\begin_layout Code
-
COMMIT
\end_layout
@@ -12044,12 +11422,10 @@ Aktivieren von IPv4 & IPv6 Firewalling
\end_layout
\begin_layout Code
-
# service iptables start
\end_layout
\begin_layout Code
-
# service ip6tables start
\end_layout
@@ -12060,12 +11436,10 @@ Aktivieren des automatischen Starts nach dem Reboot
\end_layout
\begin_layout Code
-
# chkconfig iptables on
\end_layout
\begin_layout Code
-
# chkconfig ip6tables on
\end_layout
@@ -12079,578 +11453,472 @@ Folgende Zeilen zeigen ein umfangreicheres Setup.
\end_layout
\begin_layout Code
-
# ip6tables -n -v -L
\end_layout
\begin_layout Code
-
Chain INPUT (policy DROP 0 packets, 0 bytes)
\end_layout
\begin_layout Code
-
pkts bytes target prot opt in out source destination
\end_layout
\begin_layout Code
-
0 0 extIN all sit+ * ::/0 ::/0
\end_layout
\begin_layout Code
-
4 384 intIN all eth0 * ::/0 ::/0
\end_layout
\begin_layout Code
-
0 0 ACCEPT all * * ::1/128 ::1/128
\end_layout
\begin_layout Code
-
0 0 ACCEPT all lo * ::/0 ::/0
\end_layout
\begin_layout Code
-
0 0 LOG all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
¬ LOG flags 0 level 7 prefix `INPUT-default:'
\end_layout
\begin_layout Code
-
0 0 DROP all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
\end_layout
\begin_layout Code
-
Chain FORWARD (policy DROP 0 packets, 0 bytes)
\end_layout
\begin_layout Code
-
pkts bytes target prot opt in out source destination
\end_layout
\begin_layout Code
-
¬
\end_layout
\begin_layout Code
-
0 0 int2ext all eth0 sit+ ::/0 ::/0
\end_layout
\begin_layout Code
-
0 0 ext2int all sit+ eth0 ::/0 ::/0
\end_layout
\begin_layout Code
-
0 0 LOG all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
¬ LOG flags 0 level 7 prefix `FORWARD-default:'
\end_layout
\begin_layout Code
-
0 0 DROP all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
\end_layout
\begin_layout Code
-
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
\end_layout
\begin_layout Code
-
pkts bytes target prot opt in out source destination
\end_layout
\begin_layout Code
-
¬
\end_layout
\begin_layout Code
-
0 0 extOUT all * sit+ ::/0 ::/0
\end_layout
\begin_layout Code
-
4 384 intOUT all * eth0 ::/0 ::/0
\end_layout
\begin_layout Code
-
0 0 ACCEPT all * * ::1/128 ::1/128
\end_layout
\begin_layout Code
-
0 0 ACCEPT all * lo ::/0 ::/0
\end_layout
\begin_layout Code
-
0 0 LOG all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
¬ LOG flags 0 level 7 prefix `OUTPUT-default:'
\end_layout
\begin_layout Code
-
0 0 DROP all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
\end_layout
\begin_layout Code
-
Chain ext2int (1 references)
\end_layout
\begin_layout Code
-
pkts bytes target prot opt in out source destination
\end_layout
\begin_layout Code
-
¬
\end_layout
\begin_layout Code
-
0 0 ACCEPT icmpv6 * * ::/0 ::/0
\end_layout
\begin_layout Code
-
0 0 ACCEPT tcp * * ::/0 ::/0
\end_layout
\begin_layout Code
-
¬ tcp spts:1:65535 dpts:1024:65535 flags:!0x16/0x02
\end_layout
\begin_layout Code
-
0 0 LOG all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
¬ LOG flags 0 level 7 prefix `ext2int-default:'
\end_layout
\begin_layout Code
-
0 0 DROP tcp * * ::/0 ::/0
\end_layout
\begin_layout Code
-
0 0 DROP udp * * ::/0 ::/0
\end_layout
\begin_layout Code
-
0 0 DROP all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
\end_layout
\begin_layout Code
-
Chain extIN (1 references)
\end_layout
\begin_layout Code
-
pkts bytes target prot opt in out source destination
\end_layout
\begin_layout Code
-
¬
\end_layout
\begin_layout Code
-
0 0 ACCEPT tcp * * 3ffe:400:100::1/128 ::/0
\end_layout
\begin_layout Code
-
¬ tcp spts:512:65535 dpt:22
\end_layout
\begin_layout Code
-
0 0 ACCEPT tcp * * 3ffe:400:100::2/128 ::/0
\end_layout
\begin_layout Code
-
¬ tcp spts:512:65535 dpt:22
\end_layout
\begin_layout Code
-
0 0 ACCEPT icmpv6 * * ::/0 ::/0
\end_layout
\begin_layout Code
-
0 0 ACCEPT tcp * * ::/0 ::/0
\end_layout
\begin_layout Code
-
¬ tcp spts:1:65535 dpts:1024:65535 flags:!0x16/0x02
\end_layout
\begin_layout Code
-
0 0 ACCEPT udp * * ::/0 ::/0
\end_layout
\begin_layout Code
-
¬ udp spts:1:65535 dpts:1024:65535
\end_layout
\begin_layout Code
-
0 0 LOG all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
¬ limit: avg 5/min burst 5 LOG flags 0 level 7 prefix `extIN-default:'
\end_layout
\begin_layout Code
-
0 0 DROP all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
\end_layout
\begin_layout Code
-
Chain extOUT (1 references)
\end_layout
\begin_layout Code
-
pkts bytes target prot opt in out source destination
\end_layout
\begin_layout Code
-
¬
\end_layout
\begin_layout Code
-
0 0 ACCEPT tcp * * ::/0
\end_layout
\begin_layout Code
-
¬ 2001:0db8:100::1/128tcp spt:22 dpts:512:65535 flags:!0x16/0x02
\end_layout
\begin_layout Code
-
0 0 ACCEPT tcp * * ::/0
\end_layout
\begin_layout Code
-
¬ 2001:0db8:100::2/128tcp spt:22 dpts:512:65535 flags:!0x16/0x02
\end_layout
\begin_layout Code
-
0 0 ACCEPT icmpv6 * * ::/0 ::/0
\end_layout
\begin_layout Code
-
0 0 ACCEPT tcp * * ::/0 ::/0
\end_layout
\begin_layout Code
-
¬ tcp spts:1024:65535 dpts:1:65535
\end_layout
\begin_layout Code
-
0 0 ACCEPT udp * * ::/0 ::/0
\end_layout
\begin_layout Code
-
¬ udp spts:1024:65535 dpts:1:65535
\end_layout
\begin_layout Code
-
0 0 LOG all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
¬ LOG flags 0 level 7 prefix `extOUT-default:'
\end_layout
\begin_layout Code
-
0 0 DROP all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
\end_layout
\begin_layout Code
-
Chain int2ext (1 references)
\end_layout
\begin_layout Code
-
pkts bytes target prot opt in out source destination
\end_layout
\begin_layout Code
-
¬
\end_layout
\begin_layout Code
-
0 0 ACCEPT icmpv6 * * ::/0 ::/0
\end_layout
\begin_layout Code
-
0 0 ACCEPT tcp * * ::/0 ::/0
\end_layout
\begin_layout Code
-
¬ tcp spts:1024:65535 dpts:1:65535
\end_layout
\begin_layout Code
-
0 0 LOG all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
¬ LOG flags 0 level 7 prefix `int2ext:'
\end_layout
\begin_layout Code
-
0 0 DROP all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
0 0 LOG all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
¬ LOG flags 0 level 7 prefix `int2ext-default:'
\end_layout
\begin_layout Code
-
0 0 DROP tcp * * ::/0 ::/0
\end_layout
\begin_layout Code
-
0 0 DROP udp * * ::/0 ::/0
\end_layout
\begin_layout Code
-
0 0 DROP all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
\end_layout
\begin_layout Code
-
Chain intIN (1 references)
\end_layout
\begin_layout Code
-
pkts bytes target prot opt in out source destination
\end_layout
\begin_layout Code
-
¬
\end_layout
\begin_layout Code
-
0 0 ACCEPT all * * ::/0
\end_layout
\begin_layout Code
-
¬ fe80::/ffc0::
\end_layout
\begin_layout Code
-
4 384 ACCEPT all * * ::/0 ff02::/16
\end_layout
\begin_layout Code
-
\end_layout
\begin_layout Code
-
Chain intOUT (1 references)
\end_layout
\begin_layout Code
-
pkts bytes target prot opt in out source destination
\end_layout
\begin_layout Code
-
¬
\end_layout
\begin_layout Code
-
0 0 ACCEPT all * * ::/0
\end_layout
\begin_layout Code
-
¬ fe80::/ffc0::
\end_layout
\begin_layout Code
-
4 384 ACCEPT all * * ::/0 ff02::/16
\end_layout
\begin_layout Code
-
0 0 LOG all * * ::/0 ::/0
\end_layout
\begin_layout Code
-
¬ LOG flags 0 level 7 prefix `intOUT-default:'
\end_layout
\begin_layout Code
-
0 0 DROP all * * ::/0 ::/0
\end_layout
@@ -12688,7 +11956,6 @@ Wie bei IPv4 können Systeme hinter einem Router versteckt werden mit Hilfe
\end_layout
\begin_layout Code
-
# ip6tables -t nat -A POSTROUTING -o sixxs -s fec0::/64 -j MASQUERADE
\end_layout
@@ -12706,7 +11973,6 @@ Eine dedizierte öffentliche IPv6-Adresse kann zu einer internen IPv6-Adresse
\end_layout
\begin_layout Code
-
# ip6tables -t nat -A PREROUTING -d 2001:db8:0:1:5054:ff:fe01:2345 -i sixxs
-j DNAT --to-destination fec0::5054:ff:fe01:2345
\end_layout
@@ -12725,7 +11991,6 @@ Ein dedizierter Port kann zu einem internen System weitergeleitet werden,
\end_layout
\begin_layout Code
-
# ip6tables -t nat -A PREROUTING -i sixxs -p tcp --dport 8080 -j DNAT --to-desti
nation [fec0::1234]:80
\end_layout
@@ -12779,22 +12044,18 @@ Laden der Kernel-Module:
\end_layout
\begin_layout Code
-
# modprobe nf_tables
\end_layout
\begin_layout Code
-
# modprobe nf_tables_ipv4
\end_layout
\begin_layout Code
-
# modprobe nf_tables_ipv6
\end_layout
\begin_layout Code
-
# modprobe nf_tables_inet
\end_layout
@@ -12805,12 +12066,10 @@ Löschen der Regeln in iptables and ip6tables um Interferenzen zu vermeiden:
\end_layout
\begin_layout Code
-
# iptables -F
\end_layout
\begin_layout Code
-
# ip6tables -F
\end_layout
@@ -12821,7 +12080,6 @@ Erzeugen der Filter-Tabelle:
\end_layout
\begin_layout Code
-
# nft add table inet filter
\end_layout
@@ -12832,7 +12090,6 @@ Erzeugen einer input chain in der Filter-Tabelle:
\end_layout
\begin_layout Code
-
# nft add chain inet filter input { type filter hook input priority 0
\backslash
; }
@@ -12858,7 +12115,6 @@ Tabelle gehören
\end_layout
\begin_layout Code
-
# nft add rule inet filter input ct state established,related counter accept
\end_layout
@@ -12870,13 +12126,11 @@ Erlauben von IPv4 und IPv6 ICMP echo-request (aka ping)
\end_layout
\begin_layout Code
-
# nft add rule inet filter input meta nfproto ipv4 icmp type { echo-request
} counter accept
\end_layout
\begin_layout Code
-
# nft add rule inet filter input meta nfproto ipv6 icmpv6 type echo-request
counter accept
\end_layout
@@ -12889,23 +12143,19 @@ Erlauben einiger wichtiger IPv6 ICMP Pakete, ohne Zähler, dafür mit Hop-Limit-
\end_layout
\begin_layout Code
-
# nft add rule inet filter input meta nfproto ipv6
\end_layout
\begin_layout Code
-
¬ icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert}
ip6 hoplimit 1 accept
\end_layout
\begin_layout Code
-
# nft add rule inet filter input meta nfproto ipv6
\end_layout
\begin_layout Code
-
¬ icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert}
ip6 hoplimit 255 counter accept
\end_layout
@@ -12917,7 +12167,6 @@ Erlauben von eingehenden SSH-Verbindungen für IPv4 und IPv6
\end_layout
\begin_layout Code
-
# nft add rule inet filter input tcp dport 22 ct state new tcp flags
\backslash
&
@@ -12936,17 +12185,14 @@ Reject/drop anderer Pakete
\end_layout
\begin_layout Code
-
# nft add rule inet filter input tcp dport 0-65535 reject
\end_layout
\begin_layout Code
-
# nft add rule inet filter input udp dport 0-65535 counter drop
\end_layout
\begin_layout Code
-
# nft add rule inet filter input counter drop
\end_layout
@@ -12963,77 +12209,63 @@ Tabelle für IP unabhängigen Filter
\end_layout
\begin_layout Code
-
table inet filter {
\end_layout
\begin_layout Code
-
chain input {
\end_layout
\begin_layout Code
-
type filter hook input priority 0;
\end_layout
\begin_layout Code
-
ct state established,related counter packets 0 bytes 0 accept
\end_layout
\begin_layout Code
-
ip protocol icmp icmp type { echo-request} counter packets 0 bytes 0
accept
\end_layout
\begin_layout Code
-
ip6 nexthdr ipv6-icmp icmpv6 type echo-request counter packets 0 bytes
0 accept
\end_layout
\begin_layout Code
-
ip6 nexthdr ipv6-icmp ip6 hoplimit 1 icmpv6 type { nd-neighbor-advert,
nd-neighbor-solicit, nd-router-advert} accept
\end_layout
\begin_layout Code
-
ip6 nexthdr ipv6-icmp ip6 hoplimit 255 icmpv6 type { nd-neighbor-advert,
nd-neighbor-solicit, nd-router-advert} accept
\end_layout
\begin_layout Code
-
tcp dport ssh ct state new tcp flags & (syn | ack) == syn counter packets
0 bytes 0 accept
\end_layout
\begin_layout Code
-
tcp dport >= 0 tcp dport <= 65535 counter packets 0 bytes 0 reject
\end_layout
\begin_layout Code
-
udp dport >= 0 udp dport <= 65535 counter packets 0 bytes 0 drop
\end_layout
\begin_layout Code
-
log prefix counter packets 0 bytes 0 drop
\end_layout
\begin_layout Code
-
}
\end_layout
\begin_layout Code
-
}
\end_layout
@@ -13050,7 +12282,6 @@ Für Logging wird ein zusätzliches Kernelmodul benötigt:
\end_layout
\begin_layout Code
-
# modprobe xt_LOG
\end_layout
@@ -13079,7 +12310,6 @@ Für erste Tests mit der Log-Option kann es nützlich sein, das Loggens für
\end_layout
\begin_layout Code
-
#*.emerg :omusrmsg:*
\end_layout
@@ -13090,7 +12320,6 @@ Regel von oben, welche SSH auf Port 22 erlaubt, nun mit Logging:
\end_layout
\begin_layout Code
-
# nft add rule inet filter input tcp dport 22 ct state new tcp flags
\backslash
&
@@ -13172,141 +12401,114 @@ mark xxxx
\end_layout
\begin_layout Code
-
# for table in ip ip6 inet; do nft list table $table filter; done
\end_layout
\begin_layout Code
-
table ip filter {
\end_layout
\begin_layout Code
-
chain input {
\end_layout
\begin_layout Code
-
type filter hook input priority 0;
\end_layout
\begin_layout Code
-
ct state established,related counter packets 241 bytes 25193 accept
\end_layout
\begin_layout Code
-
counter packets 2 bytes 120 mark 0x00000100 accept
\end_layout
\begin_layout Code
-
icmp type { echo-request} counter packets 0 bytes 0 meta mark set 0x00000100
accept
\end_layout
\begin_layout Code
-
}
\end_layout
\begin_layout Code
-
}
\end_layout
\begin_layout Code
-
table ip6 filter {
\end_layout
\begin_layout Code
-
chain input {
\end_layout
\begin_layout Code
-
type filter hook input priority 0;
\end_layout
\begin_layout Code
-
ct state established,related counter packets 14 bytes 4077 accept
\end_layout
\begin_layout Code
-
counter packets 4 bytes 408 mark 0x00000100 accept
\end_layout
\begin_layout Code
-
icmpv6 type echo-request counter packets 1 bytes 104 meta mark set 0x00000100
\end_layout
\begin_layout Code
-
icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert}
counter packets 2 bytes 224 meta mark set 0x00000100 accept
\end_layout
\begin_layout Code
-
}
\end_layout
\begin_layout Code
-
}
\end_layout
\begin_layout Code
-
table inet filter {
\end_layout
\begin_layout Code
-
chain input {
\end_layout
\begin_layout Code
-
type filter hook input priority 0;
\end_layout
\begin_layout Code
-
ct state established,related counter packets 307 bytes 31974 accept
\end_layout
\begin_layout Code
-
counter packets 6 bytes 528 mark 0x00000100 accept
\end_layout
\begin_layout Code
-
tcp dport ssh ct state new tcp flags & (syn | ack) == syn log prefix
"inet/input/accept: " meta mark set 0x00000100 counter packets 3 bytes
200 accept
\end_layout
\begin_layout Code
-
log prefix "inet/input/reject: " counter packets 0 bytes 0 reject
\end_layout
\begin_layout Code
-
}
\end_layout
\begin_layout Code
-
}
\end_layout
@@ -13418,12 +12620,10 @@ target "http://www.bieringer.de/linux/IPv6/status/IPv6+Linux-status-apps.html#se
\end_layout
\begin_layout Code
-
# nc6 ::1 daytime
\end_layout
\begin_layout Code
-
13 JUL 2002 11:22:22 CEST
\end_layout
@@ -13445,53 +12645,43 @@ target "http://www.insecure.org/nmap/"
\end_layout
\begin_layout Code
-
# nmap -6 -sT ::1
\end_layout
\begin_layout Code
-
Starting nmap V.
3.10ALPHA3 ( www.insecure.org/nmap/ )
\end_layout
\begin_layout Code
-
Interesting ports on localhost6 (::1):
\end_layout
\begin_layout Code
-
(The 1600 ports scanned but not shown below are in state: closed)
\end_layout
\begin_layout Code
-
Port State Service
\end_layout
\begin_layout Code
-
22/tcp open ssh
\end_layout
\begin_layout Code
-
53/tcp open domain
\end_layout
\begin_layout Code
-
515/tcp open printer
\end_layout
\begin_layout Code
-
2401/tcp open cvspserver
\end_layout
\begin_layout Code
-
Nmap run completed -- 1 IP address (1 host up) scanned in 0.525 seconds
\end_layout
@@ -13514,32 +12704,26 @@ target "http://www.bieringer.de/linux/IPv6/status/IPv6+Linux-status-apps.html#se
\end_layout
\begin_layout Code
-
# ./strobe ::1 strobe 1.05 (c) 1995-1999 Julian Assange .
\end_layout
\begin_layout Code
-
::1 2401 unassigned unknown
\end_layout
\begin_layout Code
-
::1 22 ssh Secure Shell - RSA encrypted rsh
\end_layout
\begin_layout Code
-
::1 515 printer spooler (lpd)
\end_layout
\begin_layout Code
-
::1 6010 unassigned unknown
\end_layout
\begin_layout Code
-
::1 53 domain Domain Name Server
\end_layout
@@ -13910,27 +13094,22 @@ Beispiel für eine Ende-zu-Ende verschlüsselte Verbindung im Transport-Modus
\end_layout
\begin_layout Code
-
#!/sbin/setkey -f
\end_layout
\begin_layout Code
-
flush;
\end_layout
\begin_layout Code
-
spdflush;
\end_layout
\begin_layout Code
-
spdadd 2001:db8:1:1::1 2001:db8:2:2::2 any -P out ipsec esp/transport//require;
\end_layout
\begin_layout Code
-
spdadd 2001:db8:2:2::2 2001:db8:1:1::1 any -P in ipsec esp/transport//require;
\end_layout
@@ -13945,37 +13124,30 @@ Beispiel für eine Ende-zu-Ende verschlüsselte Verbindung im Tunnel-Modus
\end_layout
\begin_layout Code
-
#!/sbin/setkey -f
\end_layout
\begin_layout Code
-
flush;
\end_layout
\begin_layout Code
-
spdflush;
\end_layout
\begin_layout Code
-
spdadd 2001:db8:1:1::1 2001:db8:2:2::2 any -P out ipsec
\end_layout
\begin_layout Code
-
¬ esp/tunnel/2001:db8:1:1::1-2001:db8:2:2::2/require;
\end_layout
\begin_layout Code
-
spdadd 2001:db8:2:2::2 2001:db8:1:1::1 any -P in ipsec
\end_layout
\begin_layout Code
-
¬ esp/tunnel/2001:db8:2:2::2-2001:db8:1:1::1/require;
\end_layout
@@ -14045,22 +13217,18 @@ Datei: /etc/racoon/racoon.conf
\end_layout
\begin_layout Code
-
# Racoon IKE daemon configuration file.
\end_layout
\begin_layout Code
-
# See 'man racoon.conf' for a description of the format and entries.
\end_layout
\begin_layout Code
-
path include "/etc/racoon";
\end_layout
\begin_layout Code
-
path pre_shared_key "/etc/racoon/psk.txt";
\end_layout
@@ -14069,22 +13237,18 @@ path pre_shared_key "/etc/racoon/psk.txt";
\end_layout
\begin_layout Code
-
listen
\end_layout
\begin_layout Code
-
{
\end_layout
\begin_layout Code
-
isakmp 2001:db8:1:1::1;
\end_layout
\begin_layout Code
-
}
\end_layout
@@ -14093,62 +13257,50 @@ listen
\end_layout
\begin_layout Code
-
remote 2001:db8:2:2::2
\end_layout
\begin_layout Code
-
{
\end_layout
\begin_layout Code
-
exchange_mode main;
\end_layout
\begin_layout Code
-
lifetime time 24 hour;
\end_layout
\begin_layout Code
-
proposal
\end_layout
\begin_layout Code
-
{
\end_layout
\begin_layout Code
-
encryption_algorithm 3des;
\end_layout
\begin_layout Code
-
hash_algorithm md5;
\end_layout
\begin_layout Code
-
authentication_method pre_shared_key;
\end_layout
\begin_layout Code
-
dh_group 2;
\end_layout
\begin_layout Code
-
}
\end_layout
\begin_layout Code
-
}
\end_layout
@@ -14157,42 +13309,34 @@ remote 2001:db8:2:2::2
\end_layout
\begin_layout Code
-
# gateway-to-gateway
\end_layout
\begin_layout Code
-
sainfo address 2001:db8:1:1::1 any address 2001:db8:2:2::2 any
\end_layout
\begin_layout Code
-
{
\end_layout
\begin_layout Code
-
lifetime time 1 hour;
\end_layout
\begin_layout Code
-
encryption_algorithm 3des;
\end_layout
\begin_layout Code
-
authentication_algorithm hmac_md5;
\end_layout
\begin_layout Code
-
compression_algorithm deflate;
\end_layout
\begin_layout Code
-
}
\end_layout
@@ -14201,37 +13345,30 @@ sainfo address 2001:db8:1:1::1 any address 2001:db8:2:2::2 any
\end_layout
\begin_layout Code
-
sainfo address 2001:db8:2:2::2 any address 2001:db8:1:1::1 any
\end_layout
\begin_layout Code
-
{
\end_layout
\begin_layout Code
-
lifetime time 1 hour;
\end_layout
\begin_layout Code
-
encryption_algorithm 3des;
\end_layout
\begin_layout Code
-
authentication_algorithm hmac_md5;
\end_layout
\begin_layout Code
-
compression_algorithm deflate;
\end_layout
\begin_layout Code
-
}
\end_layout
@@ -14248,12 +13385,10 @@ Datei: /etc/racoon/psk.txt
\end_layout
\begin_layout Code
-
# file for pre-shared keys used for IKE authentication
\end_layout
\begin_layout Code
-
# format is: 'identifier' 'key'
\end_layout
@@ -14262,7 +13397,6 @@ Datei: /etc/racoon/psk.txt
\end_layout
\begin_layout Code
-
2001:db8:2:2::2 verysecret
\end_layout
@@ -14290,100 +13424,81 @@ Zum Schluss muss der Daemon gestartet werden.
\end_layout
\begin_layout Code
-
# racoon -F -v -f /etc/racoon/racoon.conf
\end_layout
\begin_layout Code
-
Foreground mode.
\end_layout
\begin_layout Code
-
2005-01-01 20:30:15: INFO: @(#)ipsec-tools 0.3.3 (http://ipsec-tools.sourceforge.net
)
\end_layout
\begin_layout Code
-
2005-01-01 20:30:15: INFO: @(#)This product linked
\end_layout
\begin_layout Code
-
¬ OpenSSL 0.9.7a Feb 19 2003 (http://www.openssl.org/)
\end_layout
\begin_layout Code
-
2005-01-01 20:30:15: INFO: 2001:db8:1:1::1[500] used as isakmp port (fd=7)
\end_layout
\begin_layout Code
-
2005-01-01 20:31:06: INFO: IPsec-SA request for 2001:db8:2:2::2
\end_layout
\begin_layout Code
-
¬ queued due to no phase1 found.
\end_layout
\begin_layout Code
-
2005-01-01 20:31:06: INFO: initiate new phase 1 negotiation:
\end_layout
\begin_layout Code
-
¬ 2001:db8:1:1::1[500]<=>2001:db8:2:2::2[500]
\end_layout
\begin_layout Code
-
2005-01-01 20:31:06: INFO: begin Identity Protection mode.
\end_layout
\begin_layout Code
-
2005-01-01 20:31:09: INFO: ISAKMP-SA established
\end_layout
\begin_layout Code
-
¬ 2001:db8:1:1::1[500]-2001:db8:2:2::2[500] spi:da3d3693289c9698:ac039a402b2db40
1
\end_layout
\begin_layout Code
-
2005-01-01 20:31:09: INFO: initiate new phase 2 negotiation:
\end_layout
\begin_layout Code
-
¬ 2001:6f8:900:94::2[0]<=>2001:db8:2:2::2[0]
\end_layout
\begin_layout Code
-
2005-01-01 20:31:10: INFO: IPsec-SA established:
\end_layout
\begin_layout Code
-
¬ ESP/Tunnel 2001:db8:2:2::2->2001:db8:1:1::1 spi=253935531(0xf22bfab)
\end_layout
\begin_layout Code
-
2005-01-01 20:31:10: INFO: IPsec-SA established:
\end_layout
\begin_layout Code
-
¬ ESP/Tunnel 2001:db8:1:1::1->2001:db8:2:2::2 spi=175002564(0xa6e53c4)
\end_layout
@@ -14404,12 +13519,10 @@ tcpdump
\end_layout
\begin_layout Code
-
20:35:55.305707 2001:db8:1:1::1 > 2001:db8:2:2::2: ESP(spi=0x0a6e53c4,seq=0x3)
\end_layout
\begin_layout Code
-
20:35:55.537522 2001:db8:2:2::2 > 2001:db8:1:1::1: ESP(spi=0x0f22bfab,seq=0x3)
\end_layout
@@ -14434,117 +13547,94 @@ setkey
\end_layout
\begin_layout Code
-
# setkey -D
\end_layout
\begin_layout Code
-
2001:db8:1:1::1 2001:db8:2:2::2
\end_layout
\begin_layout Code
-
esp mode=tunnel spi=175002564(0x0a6e53c4) reqid=0(0x00000000)
\end_layout
\begin_layout Code
-
E: 3des-cbc bd26bc45 aea0d249 ef9c6b89 7056080f 5d9fa49c 924e2edd
\end_layout
\begin_layout Code
-
A: hmac-md5 60c2c505 517dd8b7 c9609128 a5efc2db
\end_layout
\begin_layout Code
-
seq=0x00000000 replay=4 flags=0x00000000 state=mature
\end_layout
\begin_layout Code
-
created: Jan 1 20:31:10 2005 current: Jan 1 20:40:47 2005
\end_layout
\begin_layout Code
-
diff: 577(s) hard: 3600(s) soft: 2880(s)
\end_layout
\begin_layout Code
-
last: Jan 1 20:35:05 2005 hard: 0(s) soft: 0(s)
\end_layout
\begin_layout Code
-
current: 540(bytes) hard: 0(bytes) soft: 0(bytes)
\end_layout
\begin_layout Code
-
allocated: 3 hard: 0 soft: 0
\end_layout
\begin_layout Code
-
sadb_seq=1 pid=22358 refcnt=0
\end_layout
\begin_layout Code
-
2001:db8:2:2::2 2001:db8:1:1::1
\end_layout
\begin_layout Code
-
esp mode=tunnel spi=253935531(0x0f22bfab) reqid=0(0x00000000)
\end_layout
\begin_layout Code
-
E: 3des-cbc c1ddba65 83debd62 3f6683c1 20e747ac 933d203f 4777a7ce
\end_layout
\begin_layout Code
-
A: hmac-md5 3f957db9 9adddc8c 44e5739d 3f53ca0e
\end_layout
\begin_layout Code
-
seq=0x00000000 replay=4 flags=0x00000000 state=mature
\end_layout
\begin_layout Code
-
created: Jan 1 20:31:10 2005 current: Jan 1 20:40:47 2005
\end_layout
\begin_layout Code
-
diff: 577(s) hard: 3600(s) soft: 2880(s)
\end_layout
\begin_layout Code
-
last: Jan 1 20:35:05 2005 hard: 0(s) soft: 0(s)
\end_layout
\begin_layout Code
-
current: 312(bytes) hard: 0(bytes) soft: 0(bytes)
\end_layout
\begin_layout Code
-
allocated: 3 hard: 0 soft: 0
\end_layout
\begin_layout Code
-
sadb_seq=0 pid=22358 refcnt=0
\end_layout
@@ -14649,22 +13739,18 @@ Datei: /etc/ipsec.conf
\end_layout
\begin_layout Code
-
# /etc/ipsec.conf - Openswan IPsec configuration file
\end_layout
\begin_layout Code
-
#
\end_layout
\begin_layout Code
-
# Manual: ipsec.conf.5
\end_layout
\begin_layout Code
-
version 2.0 # conforms to second version of ipsec.conf specification
\end_layout
@@ -14673,27 +13759,22 @@ version 2.0 # conforms to second version of ipsec.conf specification
\end_layout
\begin_layout Code
-
# basic configuration
\end_layout
\begin_layout Code
-
config setup
\end_layout
\begin_layout Code
-
# Debug-logging controls: "none" for (almost) none, "all" for lots.
\end_layout
\begin_layout Code
-
# klipsdebug=none
\end_layout
\begin_layout Code
-
# plutodebug="control parsing"
\end_layout
@@ -14702,12 +13783,10 @@ config setup
\end_layout
\begin_layout Code
-
#Disable Opportunistic Encryption
\end_layout
\begin_layout Code
-
include /etc/ipsec.d/examples/no_oe.conf
\end_layout
@@ -14716,68 +13795,55 @@ include /etc/ipsec.d/examples/no_oe.conf
\end_layout
\begin_layout Code
-
conn ipv6-p1-p2
\end_layout
\begin_layout Code
-
connaddrfamily=ipv6 # Important for IPv6, but no longer needed
since StrongSwan 4
\end_layout
\begin_layout Code
-
left=2001:db8:1:1::1
\end_layout
\begin_layout Code
-
right=2001:db8:2:2::2
\end_layout
\begin_layout Code
-
authby=secret
\end_layout
\begin_layout Code
-
esp=aes128-sha1
\end_layout
\begin_layout Code
-
ike=aes128-sha-modp1024
\end_layout
\begin_layout Code
-
type=transport
\end_layout
\begin_layout Code
-
#type=tunnel
\end_layout
\begin_layout Code
-
compress=no
\end_layout
\begin_layout Code
-
#compress=yes
\end_layout
\begin_layout Code
-
auto=add
\end_layout
\begin_layout Code
-
#auto=up
\end_layout
@@ -14798,7 +13864,6 @@ Datei: /etc/ipsec.secrets
\end_layout
\begin_layout Code
-
2001:db8:1:1::1 2001:db8:2:2::2 : PSK "verysecret"
\end_layout
@@ -14825,7 +13890,6 @@ Wenn die Installation von Openswan erfolgreich war, sollte ein initscript
\end_layout
\begin_layout Code
-
# /etc/rc.d/init.d/ipsec start
\end_layout
@@ -14845,42 +13909,34 @@ IPsec SA established
\end_layout
\begin_layout Code
-
# ipsec auto --up ipv6-peer1-peer2
\end_layout
\begin_layout Code
-
104 "ipv6-p1-p2" #1: STATE_MAIN_I1: initiate
\end_layout
\begin_layout Code
-
106 "ipv6-p1-p2" #1: STATE_MAIN_I2: sent MI2, expecting MR2
\end_layout
\begin_layout Code
-
108 "ipv6-p1-p2" #1: STATE_MAIN_I3: sent MI3, expecting MR3
\end_layout
\begin_layout Code
-
004 "ipv6-p1-p2" #1: STATE_MAIN_I4: ISAKMP SA established
\end_layout
\begin_layout Code
-
112 "ipv6-p1-p2" #2: STATE_QUICK_I1: initiate
\end_layout
\begin_layout Code
-
004 "ipv6-p1-p2" #2: STATE_QUICK_I2: sent QI2,
\end_layout
\begin_layout Code
-
¬ IPsec SA established {ESP=>0xa98b7710 <0xa51e1f22}
\end_layout
@@ -14900,117 +13956,94 @@ setkey
\end_layout
\begin_layout Code
-
# setkey -D
\end_layout
\begin_layout Code
-
2001:db8:1:1::1 2001:db8:2:2::2
\end_layout
\begin_layout Code
-
esp mode=transport spi=2844489488(0xa98b7710) reqid=16385(0x00004001)
\end_layout
\begin_layout Code
-
E: aes-cbc 082ee274 2744bae5 7451da37 1162b483
\end_layout
\begin_layout Code
-
A: hmac-sha1 b7803753 757417da 477b1c1a 64070455 ab79082c
\end_layout
\begin_layout Code
-
seq=0x00000000 replay=64 flags=0x00000000 state=mature
\end_layout
\begin_layout Code
-
created: Jan 1 21:16:32 2005 current: Jan 1 21:22:20 2005
\end_layout
\begin_layout Code
-
diff: 348(s) hard: 0(s) soft: 0(s)
\end_layout
\begin_layout Code
-
last: hard: 0(s) soft: 0(s)
\end_layout
\begin_layout Code
-
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
\end_layout
\begin_layout Code
-
allocated: 0 hard: 0 soft: 0
\end_layout
\begin_layout Code
-
sadb_seq=1 pid=23825 refcnt=0
\end_layout
\begin_layout Code
-
2001:db8:2:2::2 2001:db8:1:1::1
\end_layout
\begin_layout Code
-
esp mode=transport spi=2770214690(0xa51e1f22) reqid=16385(0x00004001)
\end_layout
\begin_layout Code
-
E: aes-cbc 6f59cc30 8d856056 65e07b76 552cac18
\end_layout
\begin_layout Code
-
A: hmac-sha1 c7c7d82b abfca8b1 5440021f e0c3b335 975b508b
\end_layout
\begin_layout Code
-
seq=0x00000000 replay=64 flags=0x00000000 state=mature
\end_layout
\begin_layout Code
-
created: Jan 1 21:16:31 2005 current: Jan 1 21:22:20 2005
\end_layout
\begin_layout Code
-
diff: 349(s) hard: 0(s) soft: 0(s)
\end_layout
\begin_layout Code
-
last: hard: 0(s) soft: 0(s)
\end_layout
\begin_layout Code
-
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
\end_layout
\begin_layout Code
-
allocated: 0 hard: 0 soft: 0
\end_layout
\begin_layout Code
-
sadb_seq=0 pid=23825 refcnt=0
\end_layout
@@ -15035,12 +14068,10 @@ ip
\end_layout
\begin_layout Code
-
# ip xfrm policy
\end_layout
\begin_layout Code
-
...
\end_layout
@@ -15049,12 +14080,10 @@ ip
\end_layout
\begin_layout Code
-
# ip xfrm state
\end_layout
\begin_layout Code
-
...
\end_layout
@@ -15104,39 +14133,32 @@ Vernünftig funktionierendes QoS ist nur an der ausgehenden Schnittstelle
\end_layout
\begin_layout Code
-
------------------->-------
\end_layout
\begin_layout Code
-
Queue 1
\backslash
\end_layout
\begin_layout Code
-
--->--- ---->--------->--------->-------------------
\end_layout
\begin_layout Code
-
Dicke Leitung Queue 2 Queue 1 / Queue 2 / Queue 3 Dünne Leitung
\end_layout
\begin_layout Code
-
--->---- ---->--------->--------->-------------------
\end_layout
\begin_layout Code
-
Queue 3 /
\end_layout
\begin_layout Code
-
------------------->-------
\end_layout
@@ -15218,7 +14240,6 @@ Definition einer root qdisc mit einer Bandbreite von 1000 MBit/s an eth1
\end_layout
\begin_layout Code
-
# tc qdisc add dev eth1 root handle 1: cbq avpkt 1000 bandwidth 1000Mbit
\end_layout
@@ -15235,7 +14256,6 @@ Definition einer Klasse 1:1 mit 1 MBit/s
\end_layout
\begin_layout Code
-
# tc class add dev eth1 parent 1: classid 1:1 cbq rate 1Mbit allot 1500
bounded
\end_layout
@@ -15247,7 +14267,6 @@ Definition einer Klasse 1:2 mit 50 MBit/s
\end_layout
\begin_layout Code
-
# tc class add dev eth1 parent 1: classid 1:2 cbq rate 50Mbit allot 1500
bounded
\end_layout
@@ -15259,7 +14278,6 @@ Definition einer Klasse 1:3 mit 10 MBit/s
\end_layout
\begin_layout Code
-
# tc class add dev eth1 parent 1: classid 1:3 cbq rate 10Mbit allot 1500
bounded
\end_layout
@@ -15271,7 +14289,6 @@ Definition einer Klasse 1:4 mit 200 kBit/s
\end_layout
\begin_layout Code
-
# tc class add dev eth1 parent 1: classid 1:4 cbq rate 200kbit allot 1500
bounded
\end_layout
@@ -15301,7 +14318,6 @@ match ip dport 5001 0xffff
\end_layout
\begin_layout Code
-
# tc filter add dev eth1 parent 1: protocol ip u32 match ip protocol
6 0xff match ip dport 5001 0xffff flowid 1:1
\end_layout
@@ -15321,7 +14337,6 @@ match ip6 protocol 6 0xff
\end_layout
\begin_layout Code
-
# tc filter add dev eth1 parent 1: protocol ipv6 u32 match ip6 protocol
6 0xff match ip6 dport 5001 0xffff flowid 1:2
\end_layout
@@ -15337,7 +14352,6 @@ match ip6 flowlabel 0x12345 0x3ffff
\end_layout
\begin_layout Code
-
# tc filter add dev eth1 parent 1: protocol ipv6 u32 match ip6 flowlabel
12345 0x3ffff flowid 1:3
\end_layout
@@ -15354,7 +14368,6 @@ handle 32 fw
\end_layout
\begin_layout Code
-
# tc filter add dev eth1 parent 1: protocol ipv6 handle 32 fw flowid 1:4
\end_layout
@@ -15366,7 +14379,6 @@ Die letzte Filterdefinition benötigt auch einen Eintrag in ip6tables um
\end_layout
\begin_layout Code
-
# ip6tables -A POSTROUTING -t mangle -p tcp --dport 5003 -j MARK --set-mark
32
\end_layout
@@ -15384,17 +14396,14 @@ Starten auf Serverseite in separaten Konsolen:
\end_layout
\begin_layout Code
-
# iperf -V -s -p 5001
\end_layout
\begin_layout Code
-
# iperf -V -s -p 5002
\end_layout
\begin_layout Code
-
# iperf -V -s -p 5003
\end_layout
@@ -15405,35 +14414,29 @@ Starten auf Clientseite und Vergleichen der Ergebnisse:
\end_layout
\begin_layout Code
-
# iperf -V -c SERVER-IPv4 -p 5001 (erwartet: 1 MBit/s)
\end_layout
\begin_layout Code
-
# iperf -V -c SERVER-IPv6 -p 5001 (erwartet: 50 MBit/s)
\end_layout
\begin_layout Code
-
# iperf -V -c SERVER-IPv4 -p 5002 (erwartet: >> 50 MBit/s && <= 1000
MBit/s)
\end_layout
\begin_layout Code
-
# iperf -V -c SERVER-IPv6 -p 5002 (erwartet: >> 50 MBit/s && <= 1000
MBit/s)
\end_layout
\begin_layout Code
-
# iperf -V -c SERVER-IPv4 -p 5003 (erwartet: >> 50 MBit/s && <= 1000
MBit/s)
\end_layout
\begin_layout Code
-
# iperf -V -c SERVER-IPv6 -p 5003 (erwartet: 200 kBit/s)
\end_layout
@@ -15517,22 +14520,18 @@ Folgende Optionen müssen geändert werden, damit IPv6 aktiviert wird
\end_layout
\begin_layout Code
-
options {
\end_layout
\begin_layout Code
-
# sure other options here, too
\end_layout
\begin_layout Code
-
listen-on-v6 { any; };
\end_layout
\begin_layout Code
-
};
\end_layout
@@ -15542,59 +14541,48 @@ Nach einem Neustart (des Dienstes) sollte z.B.
\end_layout
\begin_layout Code
-
# netstat -lnptu |grep "named
\backslash
W*$"
\end_layout
\begin_layout Code
-
tcp 0 0 :::53 :::* LISTEN 1234/named
\end_layout
\begin_layout Code
-
¬ # incoming TCP requests
\end_layout
\begin_layout Code
-
udp 0 0 1.2.3.4:53 0.0.0.0:* 1234/named
\end_layout
\begin_layout Code
-
¬ # incoming UDP requests to IPv4 1.2.3.4
\end_layout
\begin_layout Code
-
udp 0 0 127.0.0.1:53 0.0.0.0:* 1234/named
\end_layout
\begin_layout Code
-
¬ # incoming UDP requests to IPv4 localhost
\end_layout
\begin_layout Code
-
udp 0 0 0.0.0.0:32868 0.0.0.0:* 1234/named
\end_layout
\begin_layout Code
-
¬ # dynamic chosen port for outgoing queries
\end_layout
\begin_layout Code
-
udp 0 0 :::53 :::* 1234/named
\end_layout
\begin_layout Code
-
¬ # incoming UDP request to any IPv6
\end_layout
@@ -15603,7 +14591,6 @@ Ein kleiner Test sieht wie folgt aus:
\end_layout
\begin_layout Code
-
# dig localhost @::1
\end_layout
@@ -15620,22 +14607,18 @@ Folgende Optionen müssen geändert werden, damit IPv6 deaktiviert wird:
\end_layout
\begin_layout Code
-
options {
\end_layout
\begin_layout Code
-
# sure other options here, too
\end_layout
\begin_layout Code
-
listen-on-v6 { none; };
\end_layout
\begin_layout Code
-
};
\end_layout
@@ -15650,67 +14633,54 @@ ACLs mit IPv6 Adressen sind realisierbar und sollten wann immer möglich
\end_layout
\begin_layout Code
-
acl internal-net {
\end_layout
\begin_layout Code
-
127.0.0.1;
\end_layout
\begin_layout Code
-
1.2.3.0/24;
\end_layout
\begin_layout Code
-
2001:0db8:100::/56;
\end_layout
\begin_layout Code
-
::1/128;
\end_layout
\begin_layout Code
-
::ffff:1.2.3.4/128;
\end_layout
\begin_layout Code
-
};
\end_layout
\begin_layout Code
-
acl ns-internal-net {
\end_layout
\begin_layout Code
-
1.2.3.4;
\end_layout
\begin_layout Code
-
1.2.3.5;
\end_layout
\begin_layout Code
-
2001:0db8:100::4/128;
\end_layout
\begin_layout Code
-
2001:0db8:100::5/128;
\end_layout
\begin_layout Code
-
};
\end_layout
@@ -15722,32 +14692,26 @@ Diese ACLs können für Client-Anfragen und Zonentransfers zu Secondary Nameserv
\end_layout
\begin_layout Code
-
options {
\end_layout
\begin_layout Code
-
# sure other options here, too
\end_layout
\begin_layout Code
-
listen-on-v6 { none; };
\end_layout
\begin_layout Code
-
allow-query { internal-net; };
\end_layout
\begin_layout Code
-
allow-transfer { ns-internal-net; };
\end_layout
\begin_layout Code
-
};
\end_layout
@@ -15773,7 +14737,6 @@ Diese Option ist nicht verpflichtend, ev.
\end_layout
\begin_layout Code
-
query-source-v6 address port ;
\end_layout
@@ -15794,7 +14757,6 @@ Die Transfer source Adresse wird für ausgehende Zonentransfers verwendet:
\end_layout
\begin_layout Code
-
transfer-source-v6 [port port];
\end_layout
@@ -15807,7 +14769,6 @@ Die Notify source Adresse wird für ausgehende notify Mitteilungen verwendet:
\end_layout
\begin_layout Code
-
notify-source-v6 [port port];
\end_layout
@@ -15964,27 +14925,22 @@ Eine IPv6 Verbindung kann durch Angabe eines dedizierten Server, der abgefragt
\end_layout
\begin_layout Code
-
$ host -t aaaa www.6bone.net 2001:0db8:200:f101::1
\end_layout
\begin_layout Code
-
Using domain server:
\end_layout
\begin_layout Code
-
Name: 2001:0db8:200:f101::1
\end_layout
\begin_layout Code
-
Address: 2001:0db8:200:f101::1#53
\end_layout
\begin_layout Code
-
Aliases:
\end_layout
@@ -15993,7 +14949,6 @@ Aliases:
\end_layout
\begin_layout Code
-
Host www.6bone.net.
not found: 5(REFUSED)
\end_layout
@@ -16003,17 +14958,14 @@ Ein entsprechender Log-Eintrag sieht wie folgt aus:
\end_layout
\begin_layout Code
-
Jan 3 12:43:32 gate named[12347]: client
\end_layout
\begin_layout Code
-
¬ 2001:0db8:200:f101:212:34ff:fe12:3456#32770:
\end_layout
\begin_layout Code
-
query denied
\end_layout
@@ -16032,27 +14984,22 @@ Eine erfolgreiche IPv6 Verbindung sieht wie folgt aus:
\end_layout
\begin_layout Code
-
$ host -t aaaa www.6bone.net 2001:0db8:200:f101::1
\end_layout
\begin_layout Code
-
Using domain server:
\end_layout
\begin_layout Code
-
Name: 2001:0db8:200:f101::1
\end_layout
\begin_layout Code
-
Address: 2001:0db8:200:f101::1#53
\end_layout
\begin_layout Code
-
Aliases:
\end_layout
@@ -16061,14 +15008,12 @@ Aliases:
\end_layout
\begin_layout Code
-
www.6bone.net.
is an alias for 6bone.net.
\end_layout
\begin_layout Code
-
6bone.net.
has AAAA address 3ffe:b00:c18:1::10
\end_layout
@@ -16113,52 +15058,42 @@ Wenn Sie nun einen "eingebauten" Service wie z.B.
\end_layout
\begin_layout Code
-
# diff -u /etc/xinetd.d/daytime.orig /etc/xinetd.d/daytime
\end_layout
\begin_layout Code
-
--- /etc/xinetd.d/daytime.orig Sun Dec 16 19:00:14 2001
\end_layout
\begin_layout Code
-
+++ /etc/xinetd.d/daytime Sun Dec 16 19:00:22 2001
\end_layout
\begin_layout Code
-
@@ -10,5 +10,5 @@
\end_layout
\begin_layout Code
-
protocol = tcp
\end_layout
\begin_layout Code
-
user = root
\end_layout
\begin_layout Code
-
wait = no
\end_layout
\begin_layout Code
-
- disable = yes
\end_layout
\begin_layout Code
-
+ disable = no
\end_layout
\begin_layout Code
-
}
\end_layout
@@ -16168,27 +15103,22 @@ dann sollten Sie nach einem Neustart des xinetd-Dienstes z.B.
\end_layout
\begin_layout Code
-
# netstat -lnptu -A inet6 |grep "xinetd*"
\end_layout
\begin_layout Code
-
tcp 0 0 ::ffff:192.168.1.1:993 :::* LISTEN 12345/xinetd-ipv6
\end_layout
\begin_layout Code
-
tcp 0 0 :::13 :::* LISTEN 12345/xinetd-ipv6 <- service
\end_layout
\begin_layout Code
-
¬ daytime/tcp
\end_layout
\begin_layout Code
-
tcp 0 0 ::ffff:192.168.1.1:143 :::* LISTEN 12345/xinetd-ipv6
\end_layout
@@ -16249,27 +15179,22 @@ Virtueller Host mit IPv6 Adresse
\end_layout
\begin_layout Code
-
Listen [2001:0db8:100::1]:80
\end_layout
\begin_layout Code
-
\end_layout
\begin_layout Code
-
ServerName ipv6only.yourdomain.yourtopleveldomain
\end_layout
\begin_layout Code
-
# ...sure more config lines
\end_layout
\begin_layout Code
-
\end_layout
@@ -16278,32 +15203,26 @@ Virtueller Host mit IPv4 und IPv6 Adresse
\end_layout
\begin_layout Code
-
Listen [2001:0db8:100::2]:80
\end_layout
\begin_layout Code
-
Listen 1.2.3.4:80
\end_layout
\begin_layout Code
-
\end_layout
\begin_layout Code
-
ServerName ipv6andipv4.yourdomain.yourtopleveldomain
\end_layout
\begin_layout Code
-
# ...sure more config lines
\end_layout
\begin_layout Code
-
\end_layout
@@ -16312,24 +15231,20 @@ Das Ergebnis sollten nach einen Neustart des Dienstes etwa Folgendes sein:
\end_layout
\begin_layout Code
-
# netstat -lnptu |grep "httpd2
\backslash
W*$"
\end_layout
\begin_layout Code
-
tcp 0 0 1.2.3.4:80 0.0.0.0:* LISTEN 12345/httpd2
\end_layout
\begin_layout Code
-
tcp 0 0 2001:0db8:100::1:80 :::* LISTEN 12345/httpd2
\end_layout
\begin_layout Code
-
tcp 0 0 2001:0db8:100::2:80 :::* LISTEN 12345/httpd2
\end_layout
@@ -16436,52 +15351,42 @@ Die Konfigurationsdatei des radvd ist normalerweise die Datei /etc/radvd.conf.
\end_layout
\begin_layout Code
-
interface eth0 {
\end_layout
\begin_layout Code
-
AdvSendAdvert on;
\end_layout
\begin_layout Code
-
MinRtrAdvInterval 3;
\end_layout
\begin_layout Code
-
MaxRtrAdvInterval 10;
\end_layout
\begin_layout Code
-
prefix 2001:0db8:0100:f101::/64 {
\end_layout
\begin_layout Code
-
AdvOnLink on;
\end_layout
\begin_layout Code
-
AdvAutonomous on;
\end_layout
\begin_layout Code
-
AdvRouterAddr on;
\end_layout
\begin_layout Code
-
};
\end_layout
\begin_layout Code
-
};
\end_layout
@@ -16490,28 +15395,23 @@ Als Ergebnis auf der Client-Seite ergibt sich hieraus:
\end_layout
\begin_layout Code
-
# ip -6 addr show eth0
\end_layout
\begin_layout Code
-
3: eth0: mtu 1500 qdisc pfifo_fast qlen 100
\end_layout
\begin_layout Code
-
inet6 2001:0db8:100:f101:2e0:12ff:fe34:1234/64 scope global dynamic
\end_layout
\begin_layout Code
-
valid_lft 2591992sec preferred_lft 604792sec
\end_layout
\begin_layout Code
-
inet6 fe80::2e0:12ff:fe34:1234/10 scope link
\end_layout
@@ -16538,67 +15438,54 @@ Seit der Version 0.6.2pl3 wird die automatische (Neu)-Erstellung des Präfixes
\end_layout
\begin_layout Code
-
interface eth0 {
\end_layout
\begin_layout Code
-
AdvSendAdvert on;
\end_layout
\begin_layout Code
-
MinRtrAdvInterval 3;
\end_layout
\begin_layout Code
-
MaxRtrAdvInterval 10;
\end_layout
\begin_layout Code
-
prefix 0:0:0:f101::/64 {
\end_layout
\begin_layout Code
-
AdvOnLink off;
\end_layout
\begin_layout Code
-
AdvAutonomous on;
\end_layout
\begin_layout Code
-
AdvRouterAddr on;
\end_layout
\begin_layout Code
-
Base6to4Interface ppp0;
\end_layout
\begin_layout Code
-
AdvPreferredLifetime 20;
\end_layout
\begin_layout Code
-
AdvValidLifetime 30;
\end_layout
\begin_layout Code
-
};
\end_layout
\begin_layout Code
-
};
\end_layout
@@ -16608,28 +15495,23 @@ Das Ergebnis auf Clientseite ist (unter der Annahme, dass ppp0 die lokale
\end_layout
\begin_layout Code
-
# /sbin/ip -6 addr show eth0
\end_layout
\begin_layout Code
-
3: eth0: mtu 1500 qdisc pfifo_fast qlen 100
\end_layout
\begin_layout Code
-
inet6 2002:0102:0304:f101:2e0:12ff:fe34:1234/64 scope global dynamic
\end_layout
\begin_layout Code
-
valid_lft 22sec preferred_lft 12sec
\end_layout
\begin_layout Code
-
inet6 fe80::2e0:12ff:fe34:1234/10 scope link
\end_layout
@@ -16648,7 +15530,6 @@ Achtung: wenn keine spezielle 6to4-Unterstützung der initscripts benutzt
\end_layout
\begin_layout Code
-
# /sbin/ip -6 route add 2002:0102:0304:f101::/64 dev eth0 metric 1
\end_layout
@@ -16678,107 +15559,86 @@ radvdump
\end_layout
\begin_layout Code
-
# radvdump
\end_layout
\begin_layout Code
-
Router advertisement from fe80::280:c8ff:feb9:cef9 (hoplimit 255)
\end_layout
\begin_layout Code
-
AdvCurHopLimit: 64
\end_layout
\begin_layout Code
-
AdvManagedFlag: off
\end_layout
\begin_layout Code
-
AdvOtherConfigFlag: off
\end_layout
\begin_layout Code
-
AdvHomeAgentFlag: off
\end_layout
\begin_layout Code
-
AdvReachableTime: 0
\end_layout
\begin_layout Code
-
AdvRetransTimer: 0
\end_layout
\begin_layout Code
-
Prefix 2002:0102:0304:f101::/64
\end_layout
\begin_layout Code
-
AdvValidLifetime: 30
\end_layout
\begin_layout Code
-
AdvPreferredLifetime: 20
\end_layout
\begin_layout Code
-
AdvOnLink: off
\end_layout
\begin_layout Code
-
AdvAutonomous: on
\end_layout
\begin_layout Code
-
AdvRouterAddr: on
\end_layout
\begin_layout Code
-
Prefix 2001:0db8:100:f101::/64
\end_layout
\begin_layout Code
-
AdvValidLifetime: 2592000
\end_layout
\begin_layout Code
-
AdvPreferredLifetime: 604800
\end_layout
\begin_layout Code
-
AdvOnLink: on
\end_layout
\begin_layout Code
-
AdvAutonomous: on
\end_layout
\begin_layout Code
-
AdvRouterAddr: on
\end_layout
\begin_layout Code
-
AdvSourceLLAddress: 00 80 12 34 56 78
\end_layout
@@ -16844,67 +15704,54 @@ Die Konfigurationsdatei des dhcp6s ist normalerweise /etc/dhcp6s.conf.
\end_layout
\begin_layout Code
-
interface eth0 {
\end_layout
\begin_layout Code
-
server-preference 255;
\end_layout
\begin_layout Code
-
renew-time 60;
\end_layout
\begin_layout Code
-
rebind-time 90;
\end_layout
\begin_layout Code
-
prefer-life-time 130;
\end_layout
\begin_layout Code
-
valid-life-time 200;
\end_layout
\begin_layout Code
-
allow rapid-commit;
\end_layout
\begin_layout Code
-
option dns_servers 2001:db8:0:f101::1 sub.domain.example;
\end_layout
\begin_layout Code
-
link AAA {
\end_layout
\begin_layout Code
-
range 2001:db8:0:f101::1000 to 2001:db8:0:f101::ffff/64;
\end_layout
\begin_layout Code
-
prefix 2001:db8:0:f101::/64;
\end_layout
\begin_layout Code
-
};
\end_layout
\begin_layout Code
-
};
\end_layout
@@ -16928,22 +15775,18 @@ Die Konfigurationsdatei von dhcp6c ist normalerweise /etc/dhcp6c.conf.
\end_layout
\begin_layout Code
-
interface eth0 {
\end_layout
\begin_layout Code
-
send rapid-commit;
\end_layout
\begin_layout Code
-
request domain-name-servers;
\end_layout
\begin_layout Code
-
};
\end_layout
@@ -16967,7 +15810,6 @@ Starten des Servers, z.B.
\end_layout
\begin_layout Code
-
# service dhcp6s start
\end_layout
@@ -16985,12 +15827,10 @@ Starten des Clients im Vordergrund, z.B.
\end_layout
\begin_layout Code
-
# dhcp6c -f eth0
\end_layout
\begin_layout Code
-
...
\end_layout
@@ -17014,7 +15854,6 @@ Der Server hat einen Vordergrund und zwei Debug-Schalter (von denen beide
\end_layout
\begin_layout Code
-
# dhcp6c -d -D -f eth0
\end_layout
@@ -17032,7 +15871,6 @@ Mit einem IPv6 Ping an die DHCP Multicast-Adresse kann getestet werden,
\end_layout
\begin_layout Code
-
# ping6 -I eth0 ff02::1:2
\end_layout
@@ -17043,58 +15881,47 @@ Der Client hat einen Vordergrund und zwei Debug-Schalter, hier ein Beispiel:
\end_layout
\begin_layout Code
-
# dhcp6c -d -f eth0
\end_layout
\begin_layout Code
-
Oct/03/2005 17:18:16 dhcpv6 doesn't support hardware type 776
\end_layout
\begin_layout Code
-
Oct/03/2005 17:18:16 doesn't support sit0 address family 0
\end_layout
\begin_layout Code
-
Oct/03/2005 17:18:16 netlink_recv_rtgenmsg error
\end_layout
\begin_layout Code
-
Oct/03/2005 17:18:16 netlink_recv_rtgenmsg error
\end_layout
\begin_layout Code
-
Oct/03/2005 17:18:17 status code for this address is: success
\end_layout
\begin_layout Code
-
Oct/03/2005 17:18:17 status code: success
\end_layout
\begin_layout Code
-
Oct/03/2005 17:18:17 netlink_recv_rtgenmsg error
\end_layout
\begin_layout Code
-
Oct/03/2005 17:18:17 netlink_recv_rtgenmsg error
\end_layout
\begin_layout Code
-
Oct/03/2005 17:18:17 assigned address 2001:db8:0:f101::1002 prefix len is
not in any RAs prefix length using 64 bit instead
\end_layout
\begin_layout Code
-
Oct/03/2005 17:18:17 renew time 60, rebind time 9
\end_layout
@@ -17161,32 +15988,26 @@ Erstellen einer eigenen Konfigurationsdatei /etc/dhcp/dhcpd6.conf für den
\end_layout
\begin_layout Code
-
default-lease-time 600;
\end_layout
\begin_layout Code
-
max-lease-time 7200;
\end_layout
\begin_layout Code
-
log-facility local7;
\end_layout
\begin_layout Code
-
subnet6 2001:db8:0:1::/64 {
\end_layout
\begin_layout Code
-
# Range for clients
\end_layout
\begin_layout Code
-
range6 2001:db8:0:1::129 2001:db8:0:1::254;
\end_layout
@@ -17195,12 +16016,10 @@ subnet6 2001:db8:0:1::/64 {
\end_layout
\begin_layout Code
-
# Range for clients requesting a temporary address
\end_layout
\begin_layout Code
-
range6 2001:db8:0:1::/64 temporary;
\end_layout
@@ -17209,17 +16028,14 @@ subnet6 2001:db8:0:1::/64 {
\end_layout
\begin_layout Code
-
# Additional options
\end_layout
\begin_layout Code
-
option dhcp6.name-servers fec0:0:0:1::1;
\end_layout
\begin_layout Code
-
option dhcp6.domain-search "domain.example";
\end_layout
@@ -17228,12 +16044,10 @@ subnet6 2001:db8:0:1::/64 {
\end_layout
\begin_layout Code
-
# Prefix range for delegation to sub-routers
\end_layout
\begin_layout Code
-
prefix6 2001:db8:0:100:: 2001:db8:0:f00:: /56;
\end_layout
@@ -17242,33 +16056,27 @@ subnet6 2001:db8:0:1::/64 {
\end_layout
\begin_layout Code
-
# Example for a fixed host address
\end_layout
\begin_layout Code
-
host specialclient {
\end_layout
\begin_layout Code
-
host-identifier option dhcp6.client-id 00:01:00:01:4a:1f:ba:e3:60:b9:1f:01:
23:45;
\end_layout
\begin_layout Code
-
fixed-address6 2001:db8:0:1::127;
\end_layout
\begin_layout Code
-
}
\end_layout
\begin_layout Code
-
}
\end_layout
@@ -17307,7 +16115,6 @@ dhcp6c
\end_layout
\begin_layout Code
-
# hexdump -e '"%07.7_ax " 1/2 "%04x" " " 14/1 "%02x:" "
\backslash
n"' /var/lib/dhcpv6/dhcp6c_duid 0000000 000e 00:01:00:01:4a:1f:ba:e3:60:b9:1f:01
@@ -17333,56 +16140,46 @@ Starte den Server im Vordergrund:
\end_layout
\begin_layout Code
-
# /usr/sbin/dhcpd -6 -d -cf /etc/dhcp/dhcpd6.conf eth1
\end_layout
\begin_layout Code
-
Internet Systems Consortium DHCP Server 4.1.0
\end_layout
\begin_layout Code
-
Copyright 2004-2008 Internet Systems Consortium.
\end_layout
\begin_layout Code
-
All rights reserved.
\end_layout
\begin_layout Code
-
For info, please visit http://www.isc.org/sw/dhcp/
\end_layout
\begin_layout Code
-
Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not
specified in the config file
\end_layout
\begin_layout Code
-
Wrote 0 leases to leases file.
\end_layout
\begin_layout Code
-
Bound to *:547
\end_layout
\begin_layout Code
-
Listening on Socket/5/eth1/2001:db8:0:1::/64
\end_layout
\begin_layout Code
-
Sending on Socket/5/eth1/2001:db8:0:1::/64
\end_layout
@@ -17425,62 +16222,50 @@ Erstellen der Konfigurationsdatei /etc/dibbler/server.conf .
\end_layout
\begin_layout Code
-
log-level 8
\end_layout
\begin_layout Code
-
log-mode short
\end_layout
\begin_layout Code
-
preference 0
\end_layout
\begin_layout Code
-
iface "eth1" {
\end_layout
\begin_layout Code
-
prefered-lifetime 3600
\end_layout
\begin_layout Code
-
valid-lifetime 7200
\end_layout
\begin_layout Code
-
class {
\end_layout
\begin_layout Code
-
pool 2001:db8:0:1::/64
\end_layout
\begin_layout Code
-
}
\end_layout
\begin_layout Code
-
option dns-server fec0:0:0:1::1
\end_layout
\begin_layout Code
-
option domain domain.example
\end_layout
\begin_layout Code
-
}
\end_layout
@@ -17503,148 +16288,124 @@ Start Server im Vorgergrund:
\end_layout
\begin_layout Code
-
# dibbler-server run
\end_layout
\begin_layout Code
-
| Dibbler - a portable DHCPv6, version 0.7.3 (SERVER, Linux port)
\end_layout
\begin_layout Code
-
| Authors : Tomasz Mrugalski,Marek Senderski
\end_layout
\begin_layout Code
-
| Licence : GNU GPL v2 only.
Developed at Gdansk University of Technology.
\end_layout
\begin_layout Code
-
| Homepage: http://klub.com.pl/dhcpv6/
\end_layout
\begin_layout Code
-
2009.05.28 10:18:48 Server Notice My pid (1789) is stored in /var/lib/dibbler/s
erver.pid
\end_layout
\begin_layout Code
-
2009.05.28 10:18:48 Server Notice Detected iface eth0/3, MAC=54:52:00:01:23:45.
\end_layout
\begin_layout Code
-
2009.05.28 10:18:48 Server Notice Detected iface eth1/2, MAC=54:52:00:67:89:ab.
\end_layout
\begin_layout Code
-
2009.05.28 10:18:48 Server Notice Detected iface lo/1, MAC=00:00:00:00:00:00.
\end_layout
\begin_layout Code
-
2009.05.28 10:18:48 Server Debug Skipping database loading.
\end_layout
\begin_layout Code
-
2009.05.28 10:18:48 Server Debug Cache:server-cache.xml file: parsing started,
expecting 0 entries.
\end_layout
\begin_layout Code
-
2009.05.28 10:18:48 Server Notice Parsing /etc/dibbler/server.conf config
file...
\end_layout
\begin_layout Code
-
18:48 Server Debug Setting 0 generic option(s).
\end_layout
\begin_layout Code
-
18:48 Server Debug 0 per-client configurations (exceptions) added.
\end_layout
\begin_layout Code
-
18:48 Server Debug Parsing /etc/dibbler/server.conf done.
\end_layout
\begin_layout Code
-
18:48 Server Info 0 client class(es) defined.
\end_layout
\begin_layout Code
-
18:48 Server Debug 1 interface(s) specified in /etc/dibbler/server.conf
\end_layout
\begin_layout Code
-
18:48 Server Info Mapping allow, deny list to class 0:0 allow/deny
entries in total.
\end_layout
\begin_layout Code
-
18:48 Server Info Interface eth1/2 configuration has been loaded.
\end_layout
\begin_layout Code
-
18:48 Server Notice Running in stateful mode.
\end_layout
\begin_layout Code
-
18:48 Server Info My DUID is 00:01:00:01:11:aa:6d:a7:54:52:00:67:89:ab.
\end_layout
\begin_layout Code
-
18:48 Server Notice Creating multicast (ff02::1:2) socket on eth1/2 (eth1/2)
interface.
\end_layout
\begin_layout Code
-
18:48 Server Debug Cache: size set to 1048576 bytes, 1 cache entry size
is 87 bytes, so maximum 12052 address-client pair(s) may be cached.
\end_layout
\begin_layout Code
-
18:48 Server Notice Accepting connections.
Next event in 4294967295 second(s).
\end_layout
@@ -17709,7 +16470,6 @@ s.allow sowie /etc/hosts.deny.
\end_layout
\begin_layout Code
-
$ man hosts.allow
\end_layout
@@ -17724,13 +16484,11 @@ In dieser Datei wird ein Dienst pro Zeile eingetragen, der positiv gefiltert
\end_layout
\begin_layout Code
-
sshd: 1.2.3.
[2001:0db8:100:200::]/64
\end_layout
\begin_layout Code
-
daytime-stream: 1.2.3.
[2001:0db8:100:200::]/64
\end_layout
@@ -17751,7 +16509,6 @@ In dieser Datei werden alle Einträge negativ gefiltert.
\end_layout
\begin_layout Code
-
ALL: ALL
\end_layout
@@ -17763,12 +16520,10 @@ Sie können bei Bedarf obige Standardzeile auch durch Folgende ersetzen,
\end_layout
\begin_layout Code
-
ALL: ALL: spawn (echo "Attempt from %h %a to %d at `date`"
\end_layout
\begin_layout Code
-
| tee -a /var/log/tcp.deny.log | mail root@localhost)
\end_layout
@@ -17791,22 +16546,18 @@ Das Logging einer abgelehnten IPv4-Verbindung zu einem durch den xinetd
\end_layout
\begin_layout Code
-
Jan 2 20:40:44 gate xinetd-ipv6[12346]: FAIL: daytime-stream libwrap
\end_layout
\begin_layout Code
-
¬ from=::ffff:1.2.3.4
\end_layout
\begin_layout Code
-
Jan 2 20:32:06 gate xinetd-ipv6[12346]: FAIL: daytime-stream libwrap
\end_layout
\begin_layout Code
-
from=2001:0db8:100:200::212:34ff:fe12:3456
\end_layout
@@ -17817,27 +16568,22 @@ Das Logging einer abgelehnten IPv4-Verbindung zu einem durch den xinetd
\end_layout
\begin_layout Code
-
Jan 2 20:24:17 gate sshd[12345]: refused connect from ::ffff:1.2.3.4
\end_layout
\begin_layout Code
-
¬ (::ffff:1.2.3.4)
\end_layout
\begin_layout Code
-
Jan 2 20:39:33 gate sshd[12345]: refused connect
\end_layout
\begin_layout Code
-
from 2001:0db8:100:200::212:34ff:fe12:3456
\end_layout
\begin_layout Code
-
¬ (2001:0db8:100:200::212:34ff:fe12:3456)
\end_layout
@@ -17851,22 +16597,18 @@ Das Logging einer akzeptierten IPv4-Verbindung zu einem durch den xinetd
\end_layout
\begin_layout Code
-
Jan 2 20:37:50 gate xinetd-ipv6[12346]: START: daytime-stream pid=0
\end_layout
\begin_layout Code
-
¬ from=::ffff:1.2.3.4
\end_layout
\begin_layout Code
-
Jan 2 20:37:56 gate xinetd-ipv6[12346]: START: daytime-stream pid=0
\end_layout
\begin_layout Code
-
from=2001:0db8:100:200::212:34ff:fe12:3456
\end_layout
@@ -17876,22 +16618,18 @@ Das Logging einer akzeptierten IPv4-Verbindung zu einem auf zwei Ports hörenden
\end_layout
\begin_layout Code
-
Jan 2 20:43:10 gate sshd[21975]: Accepted password for user from ::ffff:1.2.3.4
\end_layout
\begin_layout Code
-
¬ port 33381 ssh2
\end_layout
\begin_layout Code
-
Jan 2 20:42:19 gate sshd[12345]: Accepted password for user
\end_layout
\begin_layout Code
-
from 2001:0db8:100:200::212:34ff:fe12:3456 port 33380 ssh2
\end_layout
@@ -17927,7 +16665,6 @@ listen
\end_layout
\begin_layout Code
-
listen_ipv6=yes
\end_layout
@@ -17962,27 +16699,22 @@ Editiere die Konfigurationsdatei, üblicherweise /etc/proftpd.conf, allerdings
\end_layout
\begin_layout Code
-
\end_layout
\begin_layout Code
-
...
\end_layout
\begin_layout Code
-
Bind 2001:0DB8::1
\end_layout
\begin_layout Code
-
...
\end_layout
\begin_layout Code
-
\end_layout
diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.pdf b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.pdf
index 07eff8508b1a8af867d40a3d9aabef9c1bbebfdd..9aab055592860f5db9f0b5f98dd68fe338c7544e 100644
GIT binary patch
delta 19420
zcmcG#1yo!?*Cm=@jZ1I{?ht4iPk<&s2<{e~;0^(THZ;LC1lK@9aF+nV8izn|ch>~h
z#-|~l&HVGvduzRUYt`Ldb?Q{zd#h@nbE>#p9n6VSEGIeT|QUT0oN=SRZ3R
zV{_uIM?c7@Juz1YE)j%nk4?eWMW{bhEA0ZanLYr~%$3-L`S%vv0y}RD6Q8WvR%yl$
ziCdash>~p&s-5AzZfu0fN1oi;(3{--vTMt|O_=uD>95i&)??kI4TEWUw5msgVmm=J
z{@mvn^m180gImxU{GFoYUz{%fEVX_M{rXi$&@&=!O#6whsXY*+Q9Miht8L2P(-e^s2-?cCN`rquD7JRx4nDJbkPy~+%bzkkj2YykX3Dp7{E6WLu
z=I}9!6FNR}FF)-pY{#DH49iTua}cqS&XT3X7EYHExblH+FD`?`VWd_(_D
zUWkt$lRu;E4(2{#{#E_Fab>hVw_JI#d*L#HZF;us22ts(EYVeUA?f>ZDiBL%-
z*Ok;pu4l8pxTYIsM%5}FG!#_)(ZR^aCfj%p6R^jax5!+&eX*U(@lf@d^!gS7baFeR2MuLG)
z26xxcCxMY3--h=EO*!$u+Eni>-0O|N%Pk6kg4yR<_5R%wion(o|?M_iTZ08(HJhKOhzj3GQ8`}
z`qV{NZJU_hwWHxwWwW6p3ehF-{o(-_y=bh
zhWxP|gN6($kWZ&fqpMonn2OzpaB+xo9IHF!+VO43B#w|A>GkX0c?&5*Gt`fMs*E&7
z$i!E+AAj`R#PabNJ#qfFG%G0+J>^&Na_I02XO5KdpP9Xns+nJE=Whro6q7esJ;w6u
zzhz5yi@aQnZ?qPPNThcIW7CCY)kZ%r}0vMdA>?2C4s+p`X_jo_rJnByTWb0MCUp
z>L_{a0L2Rn^^3=0Rbql+&>T5;A74@|n(j7wD*0ESD0LrubD_|xaq`B|p4PF1QXK*nS!xW1!8s?e=#lLbQE1u6-i(w%5-J<%A7c*C64z~I{aovcLU8pH|
zB>kDs+wwFQ@3qTZaE(;ayr5rL1~RYQ5ns!tz|7=(re6-rHa7aMZqV@e${W{dbjLvC
zK`Yuh%asOx-vQUV@%GUHZlZ&Tcg6|a+DvDJE7I*#X{4?AJ?Ck68DvAUL_>Wq>a1KY
z^0!BC<|4l&!KE8TBDQjjxetX+3|Bm-C!#_mNs9fY*0*LL^8GzwEI*1#@&HJ1ml=L(U
zK>4pytymUd8dd%EYi^Jv=(VI2_bYL32|kbjA3wK%Ac*fZADp)ryvfTktt|+_D=BlyTlu;WIRT@%*aXqy36sz`Ye_*y_>QMG0HbwhK5XUfoS%
zR<+7g>UkB!tSKKbmLI03mizho_Y*4~#c|g)_OLOlRO@8EER<1+BC`(svB-D@(^iG3
zCo*co9~LHi#2l}lF4dhs&vePSI&gw*rpe`~6`2=k=&;M?)WqNFK+icyd(|3j9gmq*
zv=Vjijy+*|ea`u;^7e`YNAqS{Z4@y0G-Y3P`Nw_w#rGRtQ!VZZ`xI4}0!Q=f4ZU+H
zX%~Bk25%iclt6YNNh!0&!ixZyd>`Kq>&46y7=0Cm+fl-?f!Urv1q=t$--m5>A#h}1
zyg@ryo3t-dMdEf0rCJj1o`5k=x|Tf0h~f6
z;YuJpN#sQw*y{}fpt@1Chw-E8d-?VkE$Yj`NItR^A1;
z4lEPC!nB$#KRh*K)HT@>>BoPpdDJ-@WlVZe2>+czH)alnaYEh|(j95So-NW@F#dcG
z6EO;8i~YmAC=5gHlj&3Ia`=oDMc?7R#I@)P^XVh`(d`}zT&u&wgMU0CPA(bhat{V(
z`=Cd|2M%{Fz`-n#nDZDC^XrP@-cm%|LW^r6bkXfdDyw@I|EnWEgbMN}IqRx~=*)ip
z9qb)u{6*rX-e7I8?6_mY#R_Eg#Jr;x$tbwYpDhixyE@xX`ZX?W5%-`I^-CmML^IWj
z?M6g-k)Pu!MDRjQVf?t{Ls`66!|~U&-Yd8Gef~w3+`=2J7uPjCL^S>PPt9^cWN-^b
zRYw8!zNS2n^<1_zF3<SvfT^c)!dxtp}W9!iSTRb-6TqH!ao#@hDQXjq7lZJ2|TuAr9+XxZ;LLl-_Psoir
za-zr`w@{5bXmM#+j>F3m_8;>i9R@2CY_66_;V&Kq!OoNET7+TIkaxOthO*_|<2xQdqmY3Z^?sO17SA&BH&I
zvf$rYb6M^&dLZ0WBVJx)9heVm4+51b2yZ`<(7vRn+l;i00
z+r1EE2tg9_hPY4%DM+ZlIABCRca)3gLcOnjsAY42VezL3lJtedP+Xs>Q@SI^B8J5h
zqfy6_5HGG%xFep?^_xZy!c66!YgLQJ!z##E&qlNK6HnMs;|KD`h&4gh@jy8Gi$C{-
z1G|S@2#w=kup8;K;({2U;-$w@*YpZ8`hpjw$5h6zO%^s9I!WnZ$nF;qp|x|6-V*hq
z5A4$>SY+w=Lky5x?`zaP$Vlc2pZc(AZMGkRtqg~}++g6$XyXODi(eo(7q9kwes6$>
zhVAr;;i3J?FCL?IO4yH~*Dq??^!snbfYC(uOf(b+PQvSR}HbQxab#D$k
z$Gv%72<Y&u-R`kKiCP-m1F7_1$$({i1fv6+
zaEY!439g8axmnLLnY_4Mg^|KFl`d
zr{sxO+&w$1bMNE*GL$-{Dk$)
zTsGOezYz%`LFGFS_rxK(awc4q-@sAX`Lz=3-P(v6?xRz&nZdj7XJX_=8t>g@_ZZPl
z9PfF&Ck@e6rIER_a&igcW{XFn7GRW4SaG>abn+o;C+s>52xG$4g?d#};n-fxBp(JF
z9HpT5)b
z4?raEC>_)s=*ax=W?|A_R|fH4FXgUn(E?{0*CFUt{#p6m1{Y|wJYaBFtMq4a@MlPj
zK50tBmtbYOjnowKpGR!{t$;C
zw7Go{XhI6$M^=S6i|Mse#ueB;dj^6l{Stw|d;*
z!S&$N=1ev*`?Rc9v3w+FLJmR)4a6M;k3k~K5fReao$4N4q?a2hgJ0v3#tq(8M8WY*6QK9qfQWI1MlthnSQMDQRMrd%hi
zdsF(oHqq6+U;7pb9ptoBqPjuUu*0t%5@rW9cElzQI%SJmX~J*1U%-U6OAvNawWW*4&3arLBGSkBrR&x!QQDMDkf*H*+g$$dGFfZ#SiZ1PAe;DUabmc
zHl#i4hq9j0uv|du&BVA7&!`S@n65fn4>7qL?%3qwy!u!$1x;Ufkxx&s6(hQeK88YK
z#jX+&LcZfV@1MP+h_{xG8JyQY!%?re`_Y$IUgdm^X#6fgxwx_{88Ia9!JQeJG>Eo%
zoiKW?X;Q@KeACzw)}u$W`E#$B1T;B_MD&N4)FK5fgImPNQXh;Th`wb%qp^oLe6F&&
zM5rBx4pPaT5%9vG2Z73l=Bs)uUk2g&LVEJS2f|NSnp#!8@KZxV}dvUNS+bAmj*0
z>B#91PaF)fJ)`DD@#sEJ2P$!NT(xWl@OdYZw?S821Y@H<#mDBZI3|YQwAiraxcMGF
zV)1_9B3^Q3?Y*DdBoXkAyEmfOw~0-y`dEM9b5Jd_GTzB{G{i*P_OVa>+|=UqPN>5W
zIKCMBY53sk!2FdDfn{cq^Vt(#9AP-b#w?=GW~wKzrSdNsKbWVbkh5+#xD1z}PGj{w
zUAvg`G#li#eJhx$Jh1b8gPQd~ivF|tUXTwYM#eJvYWY!SglbKgCqC}s1=OrJ!(u{Q
zG&4f_3}H<94lbHNvk&fWMFc@dakiZXU4~(0Ze*5=tf^?;)kk@7k=mbK(VY>3he0su
zl*6vUBdMKLM36anTo>0Pz|COX57|?xJal82k^(okTOgdChHR^W?`+{}
zG|&|osi0ao>Xgb2o_@R!IwMSZoKtJO+hRXrRl4Mva@S0kN0~cW(=(qOX6&1Amwg
z?k&lGi5$%At+c+kp`Nj+^8>|!{E&C2(_Qz|mVpR2OG9uV@1$nh9>SB;>ApFXoV#&8
zso@~<#m0m|P9?X$j3hF6%D%9M3uCRvxt}!B9(+er(y@ciAUmr2=maWrA{2y}u`K*a
z?)wQ_9ISeGiHJ`WiaD>qyTIrOFvx5i@4gQ5JbWVV!wK2;cYnVr3NADT0jy2^S@-
zr~2>>LalEB1|h5`nAERNdILkKCl8;OCOHaWYE!A*F;mX_Mu$2!&-eO-H^_y4v4D7~
z`dpkcl<6#>3p~J=yqU=sGbyBBe{RNc9S3`2a2;R7Ic)GBW9qNF01`Yq8_^~&^i_C(
zDS}JPnGwbtsK+F88^;|lj?+B>dq
zX=6ZmFVBuhpvdyEtr;`I>0L$+0*rDWg2_xMUYWvQpEvhY#P~Js!a+f+!e5`~uAAcB
zhrdLXDV(p6t`&Oz0l4D)K(&auPz2K~`kT}$GA}pTj6zZB`jcL=QStT@q~CAemRx?t
z*Y(`b7eV^N)(!Y%?S+e|-IB{}a@|8XSt^rK)TdaUGMEST*}!zcvRglPzv?sJ5SSVu
z#c&Qw38sQ%*ja`@uq>J9FUvsY4=%4Rp-=yQ1Gi}s|9tR1Rsomr+((oeJ1K*EkvtE6
z4-p$;yNEqqI=0TVHlYrbgn$ir?)}~%sg!fLCm98tUMs4P!6|-FiW%w>>xupGxQ?nX
z{eB}Shtfn!n%(LAeBnd>eedOPI1WHUDrRxS4-u5{5(2&<)R|rH(HOFqA_{xufORcofyU~<(yE-bv&MDw(*Gf$+3XZnpq$mcWyl*
zeXiT?gEzz%D%uw)a=!dHvsvHl!Sfx{#bQ|BPZ|w<%6wn8c)r%L`2oLUWbgsp@UD
z3Ztovqac}EDhLMaSs68y+kB+YS!Ks))usXwUxweZ^;uNM7+0oGtWnu_X!zMC9Z6NQ-!z(B=iY1uNi>IKH
z5Y!{~--9JCxqk`g{jq!!VILbJ6&|JzVlx)#AiczzsaKz>e7_$Ul=`~CaEy|^cAQ}g
z=B8XG%4C_~M}(SR!v}h-~h~S=$A-AJ=!ITS|r{+IMXDeb_(;^Bc
z-A>KxyHa_fF_1U3m&$Sw-NWg${h0K$7=;k^Bp_XO#0Hgp7`CW9LNC9>+)?-k($Nip_Ef8ujcd)
z8Vo-pv5MW*jll?Ihh6>spu5w#x%
zGZk$Hc!;ldz~I_yej5v|ib3inm&1H(6GRgPAK%)J%@&(vmTW>@u=HHQ5jU3a%s4+E
zn&-E9f3Le9AtBO(xOevj{fF@jJH&Qx>s>lIK&X?nll?Vo;e-Y3PR;)}9KB{&
zAALAsx%giAmzZ@7MFkJcq}N&1kX$Q*#1w}l$Iwn*%n^^hN~W)KIFeF=Qa^0@j^C;i
z(j`t;xnIo1jPIBhhEIVM`Hjq~zGnrnMn403F1j__S}jH8YQ>BC6J1D2>$H5zY4D
z*E9Nr1;taAV$cIA@V*&hP?RCyV%sci-w{SV_A}|`q@y78m4^-B+{|Ql3L{6$m
zUtoM6ywF(%Iv}hnVuwk7e>CR8VMzG4EI`eA47Vdsg^!0OSPeGj3k(_BMSp7U5cojO
zI&v_Na*J$k+{NvOY4p70g`x9%SBPTy<+<#9<5Qq770E!W=i(f8Qi{|MB+|IC66wSK
zBnUsuY1(@HYB9;b7r+Q@m+75jk$hLAGhkHoGh>x?nuJSmc9BrcQ
z#Tz`zFPH*t%v0EU#vFD5yPtxoRB(jfl8(JZtNauoGS=oWg^W6db!9B})GxpZ{r4AY
zTuJ1oAHF$Ze{9DP!iaLhRFWi2|4`*b5blJ*)lU2ab8_j$oL`!gI8>;Nxu5~c*XF6D
zs~;$zIydN-_~%vhduP`%Kf2MqxH{cFw=LZt6b~siDHF&$^x30*`WTT3gAB0s
zS>I(G+ql%yzNp?87TDHvqTFjSu=?PQIOTby`xS?}jllz3d5KLVVDkV8ak%&I;WumzLlHc?tWqz>s1fJ4GAo^|(=V(3
zaf|!CP2B_6@$}Wz^q%uU)%;~sgKgXx&0PY#4fNxY;1?XjR%Nd+{zB#7LYZSPz&Ze1
zy84W7InTY~z8y~eQGx|;{o(}l7e>{~Ql7W?TKTD~1X_vsVxtaYUW?NvDV_tkp&fcx
z=$S8%qKEAjj-q96K|Ny37u}3^$!j!m*QT-1|G$OM|JQfoYBm3XWb;;mGm^kF@~0`?
zbpqq5evDZ8TmUPjjs)T2%F$_!vWI%J=N82+gbkd7OJUXz~s
zMbiMJ$(ylwO!mB;9;O5W2TR*0pW`z)B?FwGH
z@4s|it&upHu!%jra(zK%Uo`xY;wFpY#Vl_*K!WrC>u^E;HQXFb(D6JXMisRG`{cnL
zXh*dQj!+4dcOoxs(folnxr{a!*f4~oiVqb;3=KC~D~yTU?6b7f_8FEF247OmpC|T7
z4ZF(A{I4QTlywa`#8)dQf1V5uQ#T6B-UN9@4Lcx>?j4Lctc~m~k2uVX?7>DHevRyj
zk2vs;?D32^Fpun!kNmKXXAza6=$P4WN
zIAY1x2>)UiZPWZ!>7!F4y!|&jzpZVJSE`%zwhh3XWY7kngrek+#OPN)o0U~XK$7`Y
zrQKv2qMZJ#^0SJjS6orzy~rqW_o17(3b`WZ@qd>`Yvo4&vkd%oWr)a_A@G`O|>SvEkj|7qaXyC^iRkkq6_$)a*Ql0P5P*K
zuDd&z5NygY0VQejcku-OhLQ#bulLeV9Xq2-;sZ!#h?~keC}g#>DAh>HtW*rGQFpsI
zl*Nw^i5{$nq}E!5EN0*&z@KW;r0rXm#;;3|#*A
znrQWgKcZPCj92p=9sa*WBIy6(g8ug``j;1QqCq%-P@W%%iS3FWVz@N?rgO^FI7vs&
znO0p+`g@5iJ#f?sjf=6M0Qy8UTj~eirAD)r!p%_}v($Wcg!QMm2xn)|3$|}eN1&~6
zgR%JuXg&4!h-$5N!yk{lZglw@s((9Bj(io!X0o^9$fiT~oI<`5zgqp2(fO6~K#f5c
zX*jlqTw?p*gkfs*pFBXDS>|+Y5%$2NSz>@7d5W)%#S)SsB$1g-SJ66nEyEdpQfmMb;?S%qn$2ZdJw>
zQ3Nixm~azGW3x49%;?v&r!)zx-<%;DAESE@RiA^|yQSCR`TtcY{~UJlKB=)CL96dA
z_x5d>;MGDcV?jzYwb!f7Rq{_xqom@b8?IPCleVp7A|2YJ>z8`pa=v0PqLbx3-R82H
zaGZcpxCZgtUf4|7ju*!iUa&O=pMO!^t_uD-`0>b-bSGrXUl?t;h$PBt*ptNGd{~-9
z(S#GRD*c0t266A6&*VKhP-^zd!!c?an&kWxZ1b~)8eKDKu@gWg%6J!R43xcP>S<=Y
zNJ13WCgaLIWsm+Rkx}fme5_Gb+s41O5TY3pfh5`<05Q@Z%Ot!W02#i5d@S_eEvv?Y7Ju;l)=bVLg-gG5vMoGgz0Yne)0KLsoJ94}jRQvRjJYEu2qmAMX
z)*oY0J3sa*^fY5$yALJhI5mWt@b~V-M^yl
zwfcBK?*|C6cK*W%eno`f=y!awB`^$5BTrga&BUi6%s(D;;)}Wui;x;PB=Hq$
zqik#mlu4;swdFhEsrB!p7T_Z3uKNBHu|4Sb^n>OwD`k4C%#W2}Hb3x64k#9EHD$kG
zI^!EWpRxUYGCF3R2+DY(b
z)^Y6iYB`)6gmMWr$#Oq9WcTh!hXV-O0q@>2Gr{mSXHuBP9s+dCQAZr43zD;x>W1QeO=
z{pXpd5Rf~c-ETtHB+%+WxbwflhttP()w}kwbMVzeimX}Ydi&goYK(Wyz!Q!EU#4kb
zZvD5~GmakLpebPejmZo!_n%;-7;P(ibcWaU)kMiyF;*l4C&{%R;PhA_X&vzcUFi}E
zhxgmd#zx=qD5MS!Lq2Y}@MV6xNPm&4F73i&r=&Qj>ZJtgFUWX4&MOUn-Zn_!%jE@^
z0ZA`DzZ@8L{|Ix@`26knQ_ao%7o>!A^4bMrCyO1FS-+niZiEU-H`Z<0(oH|@*;reA
zYQACe+l;T|6(2QoPxD2YGRJEC
z2NzqKuhUeoDJJyP`z7V3`#k7$(imY$rK49m&jSuaEFgA8f+yvMmWoZPFG5a3TK(ED
z8H|g+*3r!V#^Eg%d;FR(^{S#|;bq&U%NM#lLmK6#<$zPtR*%+84&!{|8_^#bjL?nA
zB*bwtnSj`x^vV@=i=+oi^fE>xN|VH`N_GFIPxhy~2e?^|+sKeW<(DaYm5djZf?4OG
znDYa*4cUE5Nz;P>W$0N)1HF{HLNepa+KHmQ*F(^8ABxZs#dwD-SHhe$*7@wM3HEUx
zjDLuJMLFn&{PLldt8Lq6mJ?L14;v}LD7qrwdi2Nl
zao}%eWkJvSZyd$Q=;Mm{4ifJP3)58MFgp5sq8L*OPN4O11CUC3Szmj0g%!moHfpB|
zBUZ7mjuhqEiPAAT95m^BBpf2U**BXZV!1zw0EV>NRDzif%DjiQ=utZv*`YW75S
zUy24>+*%6bV76RJWJM-Xx=0FR^Dv=fl5QMmlNZhVi49MeCj!vi5b)YL){+P99Tb7D
z?PD#~0-5F2uA9Wj0Ze0zqRiVM*=SiR*SKEuSf04}lrXxGOUFZXO
zj2B{=UAEU9dC~=-$D?eN9Ie+qukBT%a+L&10aeVDry~5R+|&6+g~R$iU7TNB3RQVE
zzInz(y~v_a46~a