Date: Wed, 11 Feb 2009 16:42:22 -0800 From: "Kevin Oberman" <oberman@es.net> To: Raffaele De Lorenzo <raffaele.delorenzo@libero.it> Cc: freebsd-net@freebsd.org, freebsd-ipfw@freebsd.org Subject: Re: Support for IPv6 tables in ipfw? Message-ID: <20090212004222.028CF1CC0B@ptavv.es.net> In-Reply-To: Your message of "Wed, 11 Feb 2009 23:50:34 %2B0100." <48EED655-AD6F-4C37-8182-86715F417011@libero.it>
next in thread | previous in thread | raw e-mail | index | archive | help
> From: Raffaele De Lorenzo <raffaele.delorenzo@libero.it> > Date: Wed, 11 Feb 2009 23:50:34 +0100 > > Hi, > I developed with Luigi (as mentor) and Mariano Tortoriello the first > release of ipfw with ipv6 extension. If you and the FreeBSD Community > think that the tables functional is a good feature i can develop it > for IPv6 protocol. Tables are invaluable for several functions. The most important to me is the ability to create a 'block' list that can be easily updated from a program or script. With a table you just need: add 00500 unreach port ip from table 86 to any in your standard configuration and then a script can do: table 22 add 2001:400:14:23::45 to add a system to the list. To do it without tables means finding an available rule and inserting the rule in the main table. I can do it without tables, but it works much better with them. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090212004222.028CF1CC0B>