Date: Fri, 27 Apr 2007 09:28:33 +0300 From: Jan Mikael Melen <jan@melen.org> To: freebsd-ipfw@freebsd.org Subject: ipfw2: IPv6 and new protocols Message-ID: <200704270928.34327.jan@melen.org>
next in thread | raw e-mail | index | archive | help
Hi,
Is there a specific reason why the upper-layer protocols are limited in IPv6
with ipfw2? The problem that I see is that if there is a firewall in the net
that uses ipfw2 you can't introduce any new protocols to IPv6 without
updating all firewalls of the net?
When using new next header numbers ipfw2 complains "Unknown Extension
Header(253)" although the there is a rule that allows the protocol to pass
through, but the packet is dropped already before the rules are checked. I
noticed from the code that for example all MIPv6 extension headers and SCTP
are missing from the code and probably many others as well.
Regards,
Jan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200704270928.34327.jan>