From owner-freebsd-current Sun Jul 1 11: 0:56 2001 Delivered-To: freebsd-current@freebsd.org Received: from harrier.mail.pas.earthlink.net (harrier.mail.pas.earthlink.net [207.217.121.12]) by hub.freebsd.org (Postfix) with ESMTP id 8059137B401 for ; Sun, 1 Jul 2001 11:00:52 -0700 (PDT) (envelope-from matt-l@pacbell.net) Received: from fire (1Cust191.tnt1.pasadena.ca.da.uu.net [63.28.226.191]) by harrier.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with SMTP id LAA10882; Sun, 1 Jul 2001 11:00:42 -0700 (PDT) Message-ID: <005701c10256$d5361960$6503c23f@XGforce.com> Reply-To: "matt" From: "matt" To: "Niels Chr. Bank-Pedersen" , References: <20010701142120.C770@bank-pedersen.dk> Subject: Re: ipfilter+ipv6 - what am I missing? Date: Sun, 1 Jul 2001 10:54:01 -0700 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I don't think ipf is complete in its ipv6 support yet.You can use ipfw instead. ====================================== WWW.XGFORCE.COM The Next Generation Load Balance and Fail Safe Server Clustering Software for the Internet. ====================================== ----- Original Message ----- From: Niels Chr. Bank-Pedersen To: Sent: Sunday, July 01, 2001 5:21 AM Subject: ipfilter+ipv6 - what am I missing? > Hi, > > On yesterdays -current I'm having some problems making ipfilter > DTRT with ipv6 packets: > > bm# ipfstat -6io > block out quick on xl0 from any to any > block out quick on vx0 from any to any > block in quick on xl0 from any to any > block in quick on vx0 from any to any > > (passing ipv6 traffic) > > bm# ipfstat -6 > IPv6 packets: in 0 out 0 > > Even with the above ruleset installed, ipfilter doesn't block > any traffic at all, and counters for ipv6 packets remains at > zero while successfully running various ipv6 sessions through > the firewall, so what am I missing here? > > Feel free to flame me if I am missing the obvious :-) > > > /Niels Chr. > > -- > Niels Christian Bank-Pedersen, NCB1-RIPE. > Network Manager, TDC, IP-section. > > "Hey, are any of you guys out there actually *using* RFC 2549?" > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message