Date: Tue, 19 Jan 2010 09:28:22 +0100 From: Willem Jan Withagen <wjw@digiware.nl> To: Luigi Rizzo <rizzo@iet.unipi.it> Cc: freebsd-net@freebsd.org, freebsd-current@freebsd.org, Hajimu UMEMOTO <ume@freebsd.org>, freebsd-ipfw@freebsd.org, David Horn <dhorn2000@gmail.com> Subject: Re: Unified rc.firewall ipfw me/me6 issue Message-ID: <4B556D26.7040503@digiware.nl> In-Reply-To: <20100119075925.GA42257@onelab2.iet.unipi.it> References: <25ff90d60912162320y286e37a0ufeb64397716d8c18@mail.gmail.com> <ygek4wmyp3j.wl%ume@mahoroba.org> <25ff90d60912180612y2b1f64fbw34b4d7f648762087@mail.gmail.com> <yged42c4770.wl%ume@mahoroba.org> <25ff90d61001021736p7b695197q104f4a7769b51b71@mail.gmail.com> <yge8wc5u872.wl%ume@mahoroba.org> <20100110185232.GA27907@onelab2.iet.unipi.it> <ygeiqb1w299.wl%ume@mahoroba.org> <20100117110443.GA58434@onelab2.iet.unipi.it> <20100119075925.GA42257@onelab2.iet.unipi.it>
next in thread | previous in thread | raw e-mail | index | archive | help
Luigi Rizzo wrote: > On Sun, Jan 17, 2010 at 12:04:43PM +0100, Luigi Rizzo wrote: >> On Sun, Jan 17, 2010 at 05:42:58PM +0900, Hajimu UMEMOTO wrote: >>> Hi, >>> >>>>>>>> On Sun, 10 Jan 2010 19:52:32 +0100 >>>>>>>> Luigi Rizzo <rizzo@iet.unipi.it> said: While we are at it, might I suggest one more "nice" thing... For several of my projects I reduced configuring a gateway/nat/firewall to just stuffing hostipnrs:ports into some shell variables. eg: firewall_forward_services="192.168.10.0/24^22 192.168.10.74^873 192.168.10.74^1195 192.168.10.66^80 192.168.10.117^10000 192.168.10.67^45457 2001:4cb8:3::67^45457 192.168.10.116^sip 192.168.10.113^sip" And I used to do that with the "std"-notation host:port. But once I got ipv6 connected, that no longer worked. And I also found that the ipv6 parser did some wierd stuff on other places as well. Is it posible to fix the ipv6nr parser and have it also recognise the versions: [a:b:c::d:e] and [a:b:c::d:e/64] (like firefox does) Yes, I know the stanza is: put your code where your mouth is. And I've been trying to find time to do this, and given enough days time will pop up. But this discussion is already running and people are already breaking up the code. Thanx, --WjW
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B556D26.7040503>