[ale] Another IPv6? - How do I know if I'm on that network

Michael H. Warfield mhw at WittsEnd.com
Wed Feb 9 15:55:16 EST 2011


On Wed, 2011-02-09 at 15:31 -0500, Greg Freemyer wrote: 
> All,
> 
> I was just doing some testing on an old openSUSE 10.1 box.  I had the
> firewall setup to block 443 incoming traffic from my external
> interface.
> 
> I did some test connections that failed as expected, but just to make
> sure nothing was getting through.
> 
> I did a netstat -an | grep 443
> 
> To my shock I saw an active connection from google  (*.1e100.net).
> 
> I have made no attempt to be on the IPv6 network here, but I'm having
> trouble coming up with another explanation.

You're going to have to post more information there.  Like the complete
string with addresses, not just a snippet.  What you posted didn't even
make sense to me.

[mhw@amethyst ~]$ netstat -an | grep 443
tcp  0  0 :::443   :::*    LISTEN      

Like that's just listening.  I would like to see the peer addresses and
the connection state.

> So how do I verify the outside world doesn't have some way to bypass
> my firewall.

First off, find out if you have any global unicast addresses configured.

Example (using ip):

[mhw@amethyst ~]$ ip -6 addr ls
98: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
94: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
    inet6 fe80::204:8ff:fe00:151/64 scope link 
       valid_lft forever preferred_lft forever
96: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qlen 1000
    inet6 2001:4830:3000:2:204:8ff:fe00:1151/64 scope global dynamic 
       valid_lft 2591953sec preferred_lft 604753sec
    inet6 fe80::204:8ff:fe00:1151/64 scope link 
       valid_lft forever preferred_lft forever

See that address saying "global dynamic".  That's what you are looking
for.  No "global" (dynamic or otherwise) then no they can't.

You can get that from ifconfig as well:

[mhw@amethyst ~]$ ifconfig eth1
eth1      Link encap:Ethernet  HWaddr 00:04:08:00:11:51  
          inet6 addr: 2001:4830:3000:2:204:8ff:fe00:1151/64 Scope:Global
          inet6 addr: fe80::204:8ff:fe00:1151/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1400  Metric:1
          RX packets:3729060 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1738041 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:3295706892 (3.0 GiB)  TX bytes:599242483 (571.4 MiB)

Again...  "Scope: Global" on an inet6 address is what you are looking
for.

> Thanks
> Greg

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
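
The check described in the message above, scripted as an added example (not part of the original post): it reads `ip -6 addr` output and lists every address the kernel marks "scope global". It goes one step beyond the message by separating 2000::/3 global unicast from fc00::/7 unique local addresses, which Linux also reports as "scope global". The function names `global_v6` and `sample` are hypothetical, and the `eth2` lines in the sample are constructed.

```shell
#!/bin/sh
# Added example. Reads `ip -6 addr` output on stdin and prints one line per
# "scope global" address: "<iface> <addr/prefix> <class>".
#   gua   = 2000::/3 global unicast (reachable from the Internet if routed)
#   ula   = fc00::/7 unique local (shown as scope global, not Internet-routed)
#   other = anything else the kernel tagged global
global_v6() {
    awk '
        /^[0-9]+: / {                      # interface header: "96: eth1: <...>"
            iface = $2
            sub(/:$/, "", iface)           # drop trailing colon
            sub(/@.*/, "", iface)          # drop "@parent" on veth/vlan names
            next
        }
        $1 == "inet6" {
            scope = ""
            for (i = 3; i < NF; i++) if ($i == "scope") scope = $(i + 1)
            if (scope != "global") next    # skip host (::1) and link (fe80::)
            split($2, h, ":")
            hx = tolower(h[1])             # first hextet; must be 4 digits
            if (hx ~ /^[23]...$/)      class = "gua"
            else if (hx ~ /^f[cd]..$/) class = "ula"
            else                       class = "other"
            print iface, $2, class
        }'
}

# Sample input: the eth1 lines are from the message, eth2 is constructed.
sample() {
cat <<'EOF'
96: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qlen 1000
    inet6 2001:4830:3000:2:204:8ff:fe00:1151/64 scope global dynamic 
       valid_lft 2591953sec preferred_lft 604753sec
    inet6 fe80::204:8ff:fe00:1151/64 scope link 
       valid_lft forever preferred_lft forever
97: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
    inet6 fd12:3456:789a:1::10/64 scope global 
       valid_lft forever preferred_lft forever
EOF
}

# Runs on the embedded sample; on a live host use: ip -6 addr show | global_v6
sample | global_v6
```

No output means no address with global scope is configured; any `gua` line names an interface whose IPv6 filtering needs to be checked separately from the IPv4 rules.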