Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 22 Jun 2020 08:42:39 +0200
From:      "Kristof Provost" <kp@FreeBSD.org>
To:        "David Mehler" <dave.mehler@gmail.com>
Cc:        freebsd-pf <freebsd-pf@freebsd.org>
Subject:   Re: Need a PF consultant
Message-ID:  <B85832D6-C75C-4BEC-BF23-1A9D22BCD829@FreeBSD.org>
In-Reply-To: <CAPORhP4sLGro1yRcdtjxq7uqqX2pUuZajiueANQYe3xWc0%2B0mQ@mail.gmail.com>
References:  <CAPORhP5cXn3tNM4KY78--2aoQmCDs%2BQE_c1XvyouEZCbby9Dxw@mail.gmail.com> <EB869194-3BBD-4A17-8881-A630369BE358@FreeBSD.org> <CAPORhP4sLGro1yRcdtjxq7uqqX2pUuZajiueANQYe3xWc0%2B0mQ@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On 22 Jun 2020, at 2:06, David Mehler wrote:
> Thanks for all your replies.
>
> Donald, the IPv6 dns is working fine in this situation.
>
> Kristof, here's what I originally had in my pf.conf file for ICMP:
>
> pass out quick on $ext_if proto { icmp, icmp6 } modulate state
> pass in quick on $ext_if proto { icmp, icmp6 }
>
That’s a somewhat bigger hammer than what I proposed, but that should 
work as well.

> I commented that out, added in your rules, disabled and reenabled PF,
> and did a ping6. Good news is the first time I tried ping6 it worked,
> bad news is the second time I tried it about two minutes later it sent
> out the ping6 but didn't return anything, zero packets received. A few
> minutes later doing the UDP connect no route to host thing again.
>
> While the original focus of my question was IPv6 would you be willing
> to assist me with my general configuration? As I said I can go in to
> much more detail on this.

Please do send me the information you have, yes.

Best regards,
Kristof



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B85832D6-C75C-4BEC-BF23-1A9D22BCD829>