On 11 Oct 2021 at 09:00p, Tommi Koivula pondered and said...

Yes, I can ping... Something... :)

Thanks, yes I can see IPv6 pings reaching the system running the BinkD server so traffic is getting to the machine concerned... just not it seems to the port via IPv6

--- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

On 11 Oct 2021 at 08:18p, Tommi Koivula pondered and said...

If you think the problem is in UFW, you can turn it off for a while. I think the problem is not there.

Yep turned it off and problem remains :(

I think your problem is somehere in your router PI, you should open ports 24554-24555 there as well. But as I'm no linux expert, I dont think I
can help much more.

So look at the Raspberry Pi that acts as the end point of the tunnel?

The main router connected to the internet does have 24554-24555 open already, and IPv4 traffic coming in via my ISP works OK

Your tunnel is working ok as you can poll out by ipv6.

True

--- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

On 11 Oct 2021 at 08:43p, Tommi Koivula pondered and said...

His tunnel is working, he can make outbound connections. So the protocal 41 is open to the tunnel endpoint computer. (PI).

I can also ping the Debian box via the Pi endpoint tunnel using IPv6... so I figure things must almost be working as I can reach the system from the internet via IPv6 and the tunnel using ping

--- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

Hello Paul,

On Tuesday October 12 2021 15:35, you wrote to Tommi Koivula:

Yes, I can ping... Something... :)

Thanks, yes I can see IPv6 pings reaching the system running the BinkD server so traffic is getting to the machine concerned... just not it
seems to the port via IPv6

It does indeed ping:

ping agency.bbs.nz

Ping agency.bbs.nz [2001:470:d:123::200] mit 32 Bytes Daten:

Antwort von 2001:470:d:123::200: Zeit=335ms
Antwort von 2001:470:d:123::200: Zeit=333ms
Antwort von 2001:470:d:123::200: Zeit=337ms
Antwort von 2001:470:d:123::200: Zeit=419ms

Ping-Statistik f�r 2001:470:d:123::200:
Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0 (0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 333ms, Maximum = 419ms, Mittelwert = 356ms



So far so good.

Cheers, Michiel

--- GoldED+/W32-MSVC 1.1.5-b20170303
* Origin: he.net certified sage (2:280/5555)

Hello Paul,

Tuesday October 12 2021 10:38, I wrote to you:

So far so good.

But your binkp server is still not reachable via IPv6. I have one more suggestion. Reread the Fidonews articles I wrote with the title "A second life for the Linksys". I document how to set up a tunnel, route a /64 to the LAN and open ports on an OpenWrt router.

The setup may be comparable to what you have on your Pi. Maybe if you compare you setting with mine, you will have an "AH Erlebnis".

For your convenience I have made the articles available here:

http://www.vlist.eu/downloads/fidonews/myarticles/2ndlflnksys1.art http://www.vlist.eu/downloads/fidonews/myarticles/2ndlflnksys2.art http://www.vlist.eu/downloads/fidonews/myarticles/2ndlflnksys3.art


Cheers, Michiel

--- GoldED+/W32-MSVC 1.1.5-b20170303
* Origin: he.net certified sage (2:280/5555)

Paul Hayton wrote to Tommi Koivula <=-

On 11 Oct 2021 at 08:43p, Tommi Koivula pondered and said...

His tunnel is working, he can make outbound connections. So the protocal 41 is open to the tunnel endpoint computer. (PI).

I can also ping the Debian box via the Pi endpoint tunnel using IPv6...
so I figure things must almost be working as I can reach the system
from the internet via IPv6 and the tunnel using ping

Question:
Is one native IPv6 and the other endpoint a 6-to-4 tunnel? This *may* be an issue. Using IPv4 as a test would help. I know natively on my access node
I can not ssh to it using it's tunneled IPs because the MTU doesn't match. If
I use a direct IP connection there's no issues at all... and again the MTU matches at 1500 not 1480 as a tunneled link would. Could this perhaps be
an issue? Just thinking out loud :)

... MultiMail, the new multi-platform, multi-format offline reader!
--- MultiMail/Linux v0.52
* Origin: SBBS - Carnage! 2001:470:8a1e::3 (1:142/103)

Hi Paul.

12 Oct 21 15:43:00, you wrote to me:

I think your problem is somehere in your router PI, you should open ports
24554-24555 there as well. But as I'm no linux expert, I dont think I
can help much more.

So look at the Raspberry Pi that acts as the end point of the tunnel?

At that PI you should open and/or forward ports. Which OS are you running there?

The main router connected to the internet does have 24554-24555 open already, and IPv4 traffic coming in via my ISP works OK

At the main router it is needed only to open protocol 41 from he.net to your PI so that the tunnel works. Anything else on the IPV4 side is irrelevant.

In my Ubuntu:

tommi@pin:~$ sudo ufw status|grep ipv6
Anywhere ALLOW 216.66.84.46/ipv6

But all this seems to be working at your setup...

'Tommi

---
* Origin: rbb.fidonet.fi (2:221/360)

On 12 Oct 2021 at 01:31p, Brian Rogers pondered and said...

Question:
Is one native IPv6 and the other endpoint a 6-to-4 tunnel? This *may* be an issue. Using IPv4 as a test would help. I know natively on my access

No native IPv6 here :( I'm only able to access IPv6 because I run the he.net tunnel on the Raspberry Pi. It in turn assigns other devices on my LAN their IPv6 addresses.

Before I moved to Linux for my HUB things worked fine on Windows for BinkD. So with the settings in the Edgerouter and the settings in the RPi end point for the IPv6 tunnel unchanged, my hunch is that it's something not right in the Debian 10 box I built that now runs the HUB and BBS

--- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

On 12 Oct 2021 at 09:06p, Tommi Koivula pondered and said...

At that PI you should open and/or forward ports. Which OS are you running there?

It's an older Pi, not sure.

At the main router it is needed only to open protocol 41 from he.net to your PI so that the tunnel works. Anything else on the IPV4 side is irrelevant.

If I can ping to the box that's not enough to know things are OK right? OK will see what I can find.

--- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

On 13 Oct 2021 at 09:34a, Paul Hayton pondered and said...

If I can ping to the box that's not enough to know things are OK right?
OK will see what I can find.

I think I figured it out (at last).

It turns out the Rpi endpoint of my he.net tunnel was missing some FORWARD rules in the ip6tables setting. When I finally dug into that and saw it was missing such a rule for the new static IPv6 I had set for my new Linux box things finally started working.

If you would like to test

agency.bbs.nz
ipv6.agency.bbs.nz

ports 24554-24556

I'm hoping all is well now.

--- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

Hello Paul;

Paul Hayton wrote to Brian Rogers <=-

No native IPv6 here :( I'm only able to access IPv6 because I run the he.net tunnel on the Raspberry Pi. It in turn assigns other devices on
my LAN their IPv6 addresses.

Before I moved to Linux for my HUB things worked fine on Windows for BinkD. So with the settings in the Edgerouter and the settings in the
RPi end point for the IPv6 tunnel unchanged, my hunch is that it's something not right in the Debian 10 box I built that now runs the HUB
and BBS

Ok, so by process of elimination, what happens when you shut off ALL your firewalling? Don't forget you probably have one firewall on your router,
one on your RPi, and one on your Debian box. Insure they're ALL off... test your bink. Turn the one on your router back on, test bink. Eventually if it
is firewall related you'll find which one it is.

I write my own firewall so it's simple for me to maintain it. It almost looks like UFW is almost like manually writing iptables rules. If still no go then look at sysctrl.conf. If that's good then look at your routing. You should
be able to "traceroute6 bbs.n1uro.com". If you can do all that, then I'd look at your bink settings. If everything looks great, then try IPv4 only. This
will be a hair pulling experience but you'll get it.

... What is mind? No matter! What is matter? Never mind! - Homer S.
--- MultiMail/Linux v0.52
* Origin: SBBS - Carnage! 2001:470:8a1e::3 (1:142/103)

Hey Paul;

Paul Hayton wrote to All <=-

It turns out the Rpi endpoint of my he.net tunnel was missing some
FORWARD rules in the ip6tables setting. When I finally dug into that
and saw it was missing such a rule for the new static IPv6 I had set
for my new Linux box things finally started working.

If you would like to test

agency.bbs.nz
ipv6.agency.bbs.nz

ports 24554-24556

n1uro@n1uro:~$ telnet6 ipv6.agency.bbs.nz 24554
Trying 2001:470:d:123::200...
Connected to ipv6.agency.bbs.nz.
Escape character is '^]'.
���.OPT CRAM-MD5-63a15ca50d2db19365e6ebdec75a76ee���SYS Agency + Risa HUB���ZYZ Paul Hayton���LOC Dunedin, New Zealand���)NDL 115200,TCP,CM,MO,IBN,BINKP,PING,IPv6���%TIME Wed, 13 Oct 2021 17:14:26 +1300���#VER binkd/1.1a-112/Linux binkp/1.1������ 3:57/0@fidonet 3:770/1@fidonet 3:770/0@fidonet 3:772/1@fidonet 3:772/0@fidonet 21:1/100@fsxnet 21:1/3@fsxnet 21:1/2@fsxnet 21:1/1@fsxnet 21:1/0@fsxnet 39:970/0@amiganet 46:3/103@agoranet


Sorry doesn't work <G>

--- MultiMail/Linux v0.52
* Origin: SBBS - Carnage! 2001:470:8a1e::3 (1:142/103)

Hello Paul;

Paul Hayton wrote to Brian Rogers <=-

No native IPv6 here :( I'm only able to access IPv6 because I run the he.net tunnel on the Raspberry Pi. It in turn assigns other devices on
my LAN their IPv6 addresses.

Before I moved to Linux for my HUB things worked fine on Windows for BinkD. So with the settings in the Edgerouter and the settings in the
RPi end point for the IPv6 tunnel unchanged, my hunch is that it's something not right in the Debian 10 box I built that now runs the HUB
and BBS

Ok, so by process of elimination, what happens when you shut off ALL your firewalling? Don't forget you probably have one firewall on your router,
one on your RPi, and one on your Debian box. Insure they're ALL off... test your bink. Turn the one on your router back on, test bink. Eventually if it
is firewall related you'll find which one it is.

I write my own firewall so it's simple for me to maintain it. It almost looks like UFW is almost like manually writing iptables rules. If still no go then look at sysctrl.conf. If that's good then look at your routing. You should
be able to "traceroute6 bbs.n1uro.com". If you can do all that, then I'd look at your bink settings. If everything looks great, then try IPv4 only. This
will be a hair pulling experience but you'll get it.

... What is mind? No matter! What is matter? Never mind! - Homer S.
--- MultiMail/Linux v0.52
* Origin: SBBS - Carnage! 2001:470:8a1e::3 (1:142/103)

On 13 Oct 2021 at 12:14a, Brian Rogers pondered and said...

n1uro@n1uro:~$ telnet6 ipv6.agency.bbs.nz 24554
Trying 2001:470:d:123::200...
Connected to ipv6.agency.bbs.nz.
Escape character is '^]'.
���.OPT CRAM-MD5-63a15ca50d2db19365e6ebdec75a76ee���SYS Agency + Risa HUB���ZYZ Paul Hayton���LOC Dunedin, New Zealand���)NDL 115200,TCP,CM,MO,IBN,BINKP,PING,IPv6���%TIME Wed, 13 Oct 2021 17:14:26 +1300���#VER binkd/1.1a-112/Linux binkp/1.1������ 3:57/0@fidonet

Phew :)

--- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

On 12 Oct 2021 at 10:32p, Brian Rogers pondered and said...

Ok, so by process of elimination, what happens when you shut off ALL your firewalling? Don't forget you probably have one firewall on your router,

Curious I ended up getting this message twice from you

--- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

Hello Paul,

On Wednesday October 13 2021 16:43, you wrote to All:

If you would like to test

agency.bbs.nz
ipv6.agency.bbs.nz

ports 24554-24556

10:19 [3940] creating a poll for 3:770/1@fidonet (`d' flavour)
10:19 [3940] clientmgr started
+ 10:19 [2292] call to 3:770/1@fidonet
10:19 [2292] trying agency.bbs.nz [2001:470:d:123::200]...
10:19 [2292] connected
+ 10:19 [2292] outgoing session with agency.bbs.nz:24554 [2001:470:d:123::200] - 10:19 [2292] OPT CRAM-MD5-44b9450679b96b08cfeaf80cf3f0d7ee
+ 10:19 [2292] Remote requests MD mode
- 10:19 [2292] SYS Agency + Risa HUB
- 10:19 [2292] ZYZ Paul Hayton
- 10:19 [2292] LOC Dunedin, New Zealand
- 10:19 [2292] NDL 115200,TCP,CM,MO,IBN,BINKP,PING,IPv6
- 10:19 [2292] TIME Wed, 13 Oct 2021 21:19:33 +1300
- 10:19 [2292] VER binkd/1.1a-112/Linux binkp/1.1
+ 10:19 [2292] addr: 3:57/0@fidonet
+ 10:19 [2292] addr: 3:770/1@fidonet
+ 10:19 [2292] addr: 3:770/0@fidonet

+ 10:20 [3424] call to 3:770/100@fidonet
10:20 [3424] trying agency.bbs.nz [2001:470:d:123::200]:24555...
10:20 [3424] connected
+ 10:20 [3424] outgoing session with agency.bbs.nz:24555 [2001:470:d:123::200] - 10:20 [3424] OPT CRAM-MD5-54bde3f52091406db3f66ae058b4f7c3
+ 10:20 [3424] Remote requests MD mode
- 10:20 [3424] SYS Agency BBS
- 10:20 [3424] LOC Dunedin, New Zealand
- 10:20 [3424] ZYZ Avon
- 10:20 [3424] TIME Wed, 13 Oct 2021 21:20:57 +1300
- 10:20 [3424] VER Mystic/1.12A47 binkp/1.0
- 10:20 [3424] BUILD 2021/09/29 13:02:30 Linux/64
+ 10:20 [3424] addr: 46:3/203@agoranet (n/a or busy)
+ 10:20 [3424] addr: 39:970/1@amiganet (n/a or busy)
+ 10:20 [3424] addr: 3:770/100@fidonet

I'm hoping all is well now.

It is! Now remove the "ipv4." in "ipv4.agency.bbs.nz" in the nodelist and you are back as a full member of the Fidonet IPv6 club. ;-)


Cheers, Michiel

--- GoldED+/W32-MSVC 1.1.5-b20170303
* Origin: he.net certified sage (2:280/5555)

On 13.10.2021 6.43, Paul Hayton wrote:

I think I figured it out (at last).

It turns out the Rpi endpoint of my he.net tunnel was missing some FORWARD rules in the ip6tables setting. When I finally dug into that and saw it was missing such a rule for the new static IPv6 I had set for my new Linux box things finally started working.

If you would like to test

agency.bbs.nz
ipv6.agency.bbs.nz

ports 24554-24556

Starting Nmap 7.70 ( https://nmap.org ) at 2021-10-13 13:28 EEST
Nmap scan report for ipv6.agency.bbs.nz (2001:470:d:123::200)
Host is up (0.35s latency).

PORT STATE SERVICE
24554/tcp open binkp
24555/tcp open unknown
24556/tcp filtered unknown

Nmap done: 1 IP address (1 host up) scanned in 5.95 seconds

+1 :)

'Tommi

--- Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.2.0
* Origin: nntp://rbb.fidonet.fi - Lake Ylo - Finland (2:221/1.0)

Hello Paul;

Paul Hayton wrote to Brian Rogers <=-

Curious I ended up getting this message twice from you

I wonder if it's because I had a desktop crash while drafting responses and
a stale copy was in multimail?

Was it just this one?

--- MultiMail/Linux v0.52
* Origin: SBBS - Carnage! 2001:470:8a1e::3 (1:142/103)

On 13 Oct 2021 at 10:19a, Michiel van der Vlist pondered and said...

It is! Now remove the "ipv4." in "ipv4.agency.bbs.nz" in the nodelist
and you are back as a full member of the Fidonet IPv6 club. ;-)

Doing this now. Cheers. :)

--- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

On 13 Oct 2021 at 12:59p, Brian Rogers pondered and said...

I wonder if it's because I had a desktop crash while drafting responses and a stale copy was in multimail?

Was it just this one?

Yep just one reply sent twice, but erm only seen this once ;-)

--- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

Hello Paul;

Paul Hayton wrote to Brian Rogers <=-

Yep just one reply sent twice, but erm only seen this once ;-)

It had to have been the desktop crash then. I lost all my good taglines
too *sigh*

--- MultiMail/Linux v0.52
* Origin: SBBS - Carnage! 2001:470:8a1e::3 (1:142/103)

On 14 Oct 2021 at 07:28a, Brian Rogers pondered and said...

It had to have been the desktop crash then. I lost all my good taglines too *sigh*

Poop.. sorry to hear :(

--- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

Hello Paul!

11 Oct 2021 19:53, Paul Hayton wrote to All:

I'm stuck as to know why I can't seem to get ports open for my IPv6 address when I have UFW seemingly enabled.

ip6tables -nvL
ip -6 route show
ip addr show
ifconfig

would be very helpfull info

if ufw fails, change to shorewall

But it feels like I'm 90%+ sorted as I know the Debian box can happily poll outbound BinkD traffic without issue.

ipv4 and ipv6 is 2 firewall rule set imho also in ufw

one use iptables, and another ip6tables

Any help appreciated.

gentoo ? :=)


Regards Benny

... too late to die young :)

--- Msged/LNX 6.1.2 (Linux/5.14.12-gentoo-dist (x86_64))
* Origin: gopher://fido.junc.eu/ (2:230/0)

Hello Paul,

On Thursday October 14 2021 17:12, you wrote to me:

It is! Now remove the "ipv4." in "ipv4.agency.bbs.nz" in the
nodelist and you are back as a full member of the Fidonet IPv6
club. ;-)

Doing this now. Cheers. :)

The change propagated to this friday's Z2 nodelist. :)


Cheers, Michiel

--- GoldED+/W32-MSVC 1.1.5-b20170303
* Origin: he.net certified sage (2:280/5555)

Good ${greeting_time}, Benny!

15 Oct 2021 07:50:18, you wrote to Paul Hayton:

ifconfig

Don't use this command for any purpose. Never.


--
Alexey V. Vissarionov aka Gremlin from Kremlin
gremlin.ru!gremlin; +vii-cmiii-ccxxix-lxxix-xlii

... that's why I really dislike fools.
--- /bin/vi
* Origin: ::1 (2:5020/545)

On 15 Oct 2021 at 09:45a, Michiel van der Vlist pondered and said...

Doing this now. Cheers. :)

The change propagated to this friday's Z2 nodelist. :)

good stuff

--- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

On 15 Oct 2021 at 07:50a, Benny Pedersen pondered and said...

Hello Paul!

Hi Benny.

Thanks for the ideas and tips. I have managed to solve my problem now.
A good nights sleep awaits.

--- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

Hello Alexey!

15 Oct 2021 11:10, Alexey Vissarionov wrote to Benny Pedersen:

ifconfig

Don't use this command for any purpose. Never.

i like to know why ?


Regards Benny

... too late to die young :)

--- Msged/LNX 6.1.2 (Linux/5.14.12-gentoo-dist (x86_64))
* Origin: gopher://fido.junc.eu/ (2:230/0)

Hello Paul!

15 Oct 2021 21:44, Paul Hayton wrote to Benny Pedersen:

Thanks for the ideas and tips. I have managed to solve my problem now.
A good nights sleep awaits.

you did use eth0 for tunnel ? :=)

while it should be tun0 ?, as i remember my first he.net setup

no need for me to help others with shorewall then


Regards Benny

... too late to die young :)

--- Msged/LNX 6.1.2 (Linux/5.14.12-gentoo-dist (x86_64))
* Origin: gopher://fido.junc.eu/ (2:230/0)

Good ${greeting_time}, Benny!

15 Oct 2021 09:43:24, you wrote to me:

ifconfig

Don't use this command for any purpose. Never.

i like to know why ?

It uses deprecated API and may leave the kernel network stack in a really unpredictable state.

I guess you are using iptables instead of ipchains and ipfwadm. Or... ?


--
Alexey V. Vissarionov aka Gremlin from Kremlin
gremlin.ru!gremlin; +vii-cmiii-ccxxix-lxxix-xlii

... that's why I really dislike fools.
--- /bin/vi
* Origin: ::1 (2:5020/545)

Dear Alexey,

16 Oct 21 00:55, you wrote to Benny Pedersen:

ifconfig

Don't use this command for any purpose. Never.

i like to know why ?

It uses deprecated API and may leave the kernel network stack in a
really unpredictable state.

Using it for viewing (as Benny suggested) is probably safe?

I've seen some Linux distros however where `ifconfig` is even not available unless you install some legacy package. Thank God, BSD is still a Unix-like system.

Victor Sudakov, VAS4-RIPE, VAS47-RIPN
--- GoldED+/BSD 1.1.5-b20170303-b20170303
* Origin: Ulthar (2:5005/49)

Hello Alexey!

16 Oct 2021 00:55, Alexey Vissarionov wrote to Benny Pedersen:

ifconfig

Don't use this command for any purpose. Never.

i like to know why ?

It uses deprecated API and may leave the kernel network stack in a
really unpredictable state.

what kernerl version do you refer to here ?

and what ifconfig ?

that is usefull info imho

I guess you are using iptables instead of ipchains and ipfwadm. Or...
?

or maybe vim ?

shorewall is my friend


Regards Benny

... too late to die young :)

--- Msged/LNX 6.1.2 (Linux/5.14.12-gentoo-dist (x86_64))
* Origin: gopher://fido.junc.eu/ (2:230/0)

Good ${greeting_time}, Benny!

16 Oct 2021 15:02:52, you wrote to me:

ifconfig

Don't use this command for any purpose. Never.

i like to know why ?

It uses deprecated API and may leave the kernel network stack
in a really unpredictable state.

what kernerl version do you refer to here ?

2.6+

and what ifconfig ?

Any.

that is usefull info imho

Not really, for over 10 years.

I guess you are using iptables instead of ipchains and ipfwadm.
Or... ?

or maybe vim ? shorewall is my friend

Very stupid.


--
Alexey V. Vissarionov aka Gremlin from Kremlin
gremlin.ru!gremlin; +vii-cmiii-ccxxix-lxxix-xlii

... that's why I really dislike fools.
--- /bin/vi
* Origin: ::1 (2:5020/545)

Hello Alexey!

17 Oct 2021 05:05, Alexey Vissarionov wrote to Benny Pedersen:

2.6+

time to upgrade ?

and what ifconfig ?

Any.

cve then ?

that is usefull info imho

Not really, for over 10 years.

nothing happended in 10 yaers of cve ?

I guess you are using iptables instead of ipchains and ipfwadm.
Or... ?

or maybe vim ? shorewall is my friend

Very stupid.

its my choice, learn to live with it


Regards Benny

... too late to die young :)
--- Msged/LNX 6.1.2 (Linux/5.14.12-gentoo-dist (x86_64))
* Origin: gopher://fido.junc.eu/ (2:230/0)