[netfilter-core] ip6tables question

Harald Welte laforge at netfilter.org
Wed Mar 30 17:23:16 CEST 2005

On Wed, Mar 30, 2005 at 10:19:11PM +0900, kesan wrote:
> Hello?
> I need to capture IPv6 packets in the prerouting stage and redirect them to
> another host/port. Is there a target extension for ip6tables for
> redirecting, like "REDIRECT" for iptables? 

Please read http://www.netfilter.org/contact.html.  Don't ask usage
questions to the core team, please.

Regarding your question: There is unfortunately no REDIRECT for
ip6tables at this moment.  We're currently discussing some ideas how to
implement REDIRECT like functionality (for transparent proxes on the
local host) without requiring NAT.  This discussion is not finished, and
there is no implementation so far.

> When is support NAT table for Ip6tables?

Only over my dead body.  We will never implement ipv6-to-ipv6 network
address translation as long as I have any say in netfilter/iptables
development.  NAT is evil and causes horrible breakage of end-to-end on
the internet.  IPv6 has enough addresses and therefore no justification
for NAT.

- Harald Welte <laforge at netfilter.org>                 http://netfilter.org/
  "Fragmentation is like classful addressing -- an interesting early
   architectural error that shows how much experimentation was going
   on while IP was being designed."                    -- Paul Vixie
