Date: Tue, 03 May 2011 14:06:30 +0200 From: umage <theultramage@gmail.com> To: freebsd-ipfw@FreeBSD.org Subject: ipfw forward to ipv6 addresses Message-ID: <4DBFEFC6.4090702@gmail.com>
next in thread | raw e-mail | index | archive | help
Hi, on freebsd 8.2 ipfw assumes when parsing the commandline that the target is an ipv4 address. Therefore, $ipfw add 1000 forward $target ip6 from $source to any out keep-state (to achieve source-based routing on a multihomed machine) will mess up and parse it as 0.0.7.210,3 or whatever. I found 5 year old bugreports on this: http://www.freebsd.org/cgi/query-pr.cgi?pr=104921 http://www.freebsd.org/cgi/query-pr.cgi?pr=117214 I also found this discussion from year 2003: https://www.sixxs.net/forum/?msg=setup-52946 where one of the users actually wrote a patch - for freebsd 4.8 - which is still there, however the code has completely changed so only someone who knows how ipfw is coded can do this. I also checked the sources of ipfw2.c, and found case TOK_FORWARD: { ipfw_insn_sa *p = (ipfw_insn_sa *)action; char *s, *end; NEED1("missing forward address[:port]"); action->opcode = O_FORWARD_IP; action->len = F_INSN_SIZE(ipfw_insn_sa); /* * In the kernel we assume AF_INET and use only * sin_port and sin_addr. Remember to set sin_len as * the routing code seems to use it too. */ p->sa.sin_family = AF_INET; p->sa.sin_len = sizeof(struct sockaddr_in); p->sa.sin_port = 0; Which indicates that no attempt at ipv6 support was made when this was coded. Can this be solved somehow? Thanks.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4DBFEFC6.4090702>