From owner-freebsd-ipfw@FreeBSD.ORG Tue May 3 12:29:17 2011 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id ADFDF10657DA for ; Tue, 3 May 2011 12:29:17 +0000 (UTC) (envelope-from theultramage@gmail.com) Received: from mail-ew0-f54.google.com (mail-ew0-f54.google.com [209.85.215.54]) by mx1.freebsd.org (Postfix) with ESMTP id 2D18A8FC13 for ; Tue, 3 May 2011 12:29:16 +0000 (UTC) Received: by ewy1 with SMTP id 1so5418ewy.13 for ; Tue, 03 May 2011 05:29:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:message-id:date:from:user-agent:mime-version:to :subject:content-type; bh=YGfqEbyR267PvuB2cNjwirMqzhaBlom/gAAFb9DaUpk=; b=oOZYqcEeHcTdzh1DUv97G7LKMTI/DVXcG0QrJtX1IPBuFT9FxQe8KiMTx4aaXXLG1V xvrCS/KrsB3fPfQlupKrlvKXUYntGnyX3g+MexjjTJKI3TxUggO0lgjZfJiRrzQuIcgz 4kgCBp1HqGcGTBPdN4TMPPMzXKIOXtnrF+YqU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject :content-type; b=VMSsOLUgh2KSYQEP/F44xYHurv30qUVY8Azd4ZiModdMv77nMVdf4Q/SdlutNIjbs2 owT09SBlrm9qeFCTPWMtF7v/e+Ye6ZBVA+bDmUNIzYFka1ABVeBii+Bykx6nFLoTTS1B DhETkJg+n0PAkiHdixK09c5Ph5ON0fz0kRZp4= Received: by 10.213.10.143 with SMTP id p15mr1927861ebp.98.1304424394427; Tue, 03 May 2011 05:06:34 -0700 (PDT) Received: from [10.0.0.2] (217-75-87-59.chassco.swan.sk [217.75.87.59]) by mx.google.com with ESMTPS id y18sm15717eeh.1.2011.05.03.05.06.32 (version=SSLv3 cipher=OTHER); Tue, 03 May 2011 05:06:33 -0700 (PDT) Message-ID: <4DBFEFC6.4090702@gmail.com> Date: Tue, 03 May 2011 14:06:30 +0200 From: umage User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.17) Gecko/20110414 Lightning/1.0b3pre Thunderbird/3.1.10 MIME-Version: 1.0 To: freebsd-ipfw@FreeBSD.org X-Mailman-Approved-At: Tue, 03 May 2011 12:31:50 +0000 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: ipfw forward to ipv6 addresses X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 May 2011 12:29:17 -0000 Hi, on freebsd 8.2 ipfw assumes when parsing the commandline that the target is an ipv4 address. Therefore, $ipfw add 1000 forward $target ip6 from $source to any out keep-state (to achieve source-based routing on a multihomed machine) will mess up and parse it as 0.0.7.210,3 or whatever. I found 5 year old bugreports on this: http://www.freebsd.org/cgi/query-pr.cgi?pr=104921 http://www.freebsd.org/cgi/query-pr.cgi?pr=117214 I also found this discussion from year 2003: https://www.sixxs.net/forum/?msg=setup-52946 where one of the users actually wrote a patch - for freebsd 4.8 - which is still there, however the code has completely changed so only someone who knows how ipfw is coded can do this. I also checked the sources of ipfw2.c, and found case TOK_FORWARD: { ipfw_insn_sa *p = (ipfw_insn_sa *)action; char *s, *end; NEED1("missing forward address[:port]"); action->opcode = O_FORWARD_IP; action->len = F_INSN_SIZE(ipfw_insn_sa); /* * In the kernel we assume AF_INET and use only * sin_port and sin_addr. Remember to set sin_len as * the routing code seems to use it too. */ p->sa.sin_family = AF_INET; p->sa.sin_len = sizeof(struct sockaddr_in); p->sa.sin_port = 0; Which indicates that no attempt at ipv6 support was made when this was coded. Can this be solved somehow? Thanks.