From owner-freebsd-current@FreeBSD.ORG Fri Oct 5 18:31:26 2007 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BBEC416A420 for ; Fri, 5 Oct 2007 18:31:26 +0000 (UTC) (envelope-from SRS0=9b21a6f307d4be6272066c137cb2023468a640f2=479=es.net=oberman@es.net) Received: from postal1.es.net (postal3.es.net [IPv6:2001:400:14:3::8]) by mx1.freebsd.org (Postfix) with ESMTP id 503EA13C480 for ; Fri, 5 Oct 2007 18:31:26 +0000 (UTC) (envelope-from SRS0=9b21a6f307d4be6272066c137cb2023468a640f2=479=es.net=oberman@es.net) Received: from ptavv.es.net (ptavv.es.net [198.128.4.29]) by postal3.es.net (Postal Node 3) with ESMTP (SSL) id KCK79224; Fri, 05 Oct 2007 11:31:24 -0700 Received: from ptavv.es.net (ptavv.es.net [127.0.0.1]) by ptavv.es.net (Tachyon Server) with ESMTP id 3619C4500E; Fri, 5 Oct 2007 11:31:24 -0700 (PDT) To: Julian Elischer In-Reply-To: Your message of "Fri, 05 Oct 2007 11:02:22 PDT." <47067C2E.906@elischer.org> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="==_Exmh_1191609084_12334P"; micalg=pgp-sha1; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit Date: Fri, 05 Oct 2007 11:31:24 -0700 From: "Kevin Oberman" Message-Id: <20071005183124.3619C4500E@ptavv.es.net> X-Sender-IP: 198.128.4.29 X-Sender-Domain: es.net X-Recipent: ;; X-Sender: X-To_Name: Julian Elischer X-To_Domain: elischer.org X-To: Julian Elischer X-To_Email: julian@elischer.org X-To_Alias: julian Cc: freebsd-current@freebsd.org Subject: Re: IPv6 support for tables in ipfw? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Oct 2007 18:31:26 -0000 --==_Exmh_1191609084_12334P Content-Type: text/plain; charset=us-ascii Content-Disposition: inline > Date: Fri, 05 Oct 2007 11:02:22 -0700 > From: Julian Elischer > > Kevin Oberman wrote: > > At this time the use of tables in ipfw is limited to IPv4. Is anyone > > looking at adding IPv6 address capability? > > > I am > but it's not 'soon' on my list. I am on travel for a couple of weeks, so I may try and get a start on this while at airports or on planes. Tables are very useful for allowing an IDS set up blocks on the fly. Right now I am limited to a new rule for every block and that is not very portable (since I don't want to step on existing rules) and very messy since, except for the address, all of the rules are identical. I'm using tables right now for V4, but I really need to have v6 support soon. I'm just not real sure what 'soon' is. I hope it's different from yours. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 --==_Exmh_1191609084_12334P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) Comment: Exmh version 2.5 06/03/2002 iD8DBQFHBoL8kn3rs5h7N1ERAnX8AKCZ8GqL3svys9acAfdEAXbc2c4NngCeKgWU CNcom7dM3rcd/h1GELA9UOw= =Bz1/ -----END PGP SIGNATURE----- --==_Exmh_1191609084_12334P--