Version 2.6.12 of the Linux kernel is likely to include packet filtering that will work with IPv6, the latest version of the Internet Protocol. Netfilter/iptables, the firewall engine that is part of the Linux kernel, already allows stateless packet filtering for versions 4 and 6 of the Internet protocol, but only allows stateful packet filtering for IPv4. Stateful packet filtering is the more secure method, since it analyses whole streams of packets, rather than only checking the headers of individual packets -- as is done in stateless packet filtering.

Harald Welte, a developer on the Netfilter project and maintainer of the packet filter subsystem in the Linux kernel, said last week that a considerable amount of work went into adding IPv6 functionality, as parts of the code needed to be rewritten to create a plug-in architecture which would allow the packet filter to work with either IPv4 and IPv6.

The link for this article located at ZDNet.co.uk is no longer available.