Received: with ECARTIS (v1.0.0; list netdev); Sat, 15 Jan 2005 04:44:18 -0800 (PST)
Received: from mx1.wiggy.net (levante.wiggy.net [195.85.225.139])
	by oss.sgi.com (8.13.0/8.13.0) with ESMTP id j0FCiCos001258
	for <netdev@oss.sgi.com>; Sat, 15 Jan 2005 04:44:12 -0800
Received: from wichert by mx1.wiggy.net with local (Exim 4.34)
	id 1CpnHn-0005j1-KT; Sat, 15 Jan 2005 13:44:11 +0100
Date: Sat, 15 Jan 2005 13:44:11 +0100
From: Wichert Akkerman <wichert@wiggy.net>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: netdev@oss.sgi.com
Subject: Re: ipv6 tunnel stops accepting input
Message-ID: <20050115124411.GA20912@wiggy.net>
References: <20050111125826.GA25169@wiggy.net> <20050115120323.GA20664@wiggy.net> <20050115122912.GA29331@gondor.apana.org.au>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20050115122912.GA29331@gondor.apana.org.au>
User-Agent: Mutt/1.5.6+20040907i
X-SA-Exim-Connect-IP: <locally generated>
X-Virus-Scanned: ClamAV 0.80/650/Sun Jan  2 19:00:02 2005
	clamav-milter version 0.80j
	on 127.0.0.1
X-Virus-Status: Clean
X-archive-position: 285
X-ecartis-version: Ecartis v1.0.0
Sender: netdev-bounce@oss.sgi.com
Errors-to: netdev-bounce@oss.sgi.com
X-original-sender: wichert@wiggy.net
Precedence: bulk
X-list: netdev

Previously Herbert Xu wrote:
> Hmm, is it still happening now?

Seems to work just fine now.

> Are you using a SIT tunnel? Do you allow SIT traffic initiated
> from the outside?

Hmm, that might indeed be the problem and would explain the behaviour:
generating outgoing traffic adds a connection and from that point
incoming traffic would hit the RELATED accept rule.

I'll redo the firewall rules a bit and see if things improve.

Wichert.

-- 
Wichert Akkerman <wichert@wiggy.net>    It is simple to make things.
http://www.wiggy.net/                   It is hard to make things simple.