From owner-freebsd-bugs Thu Feb 21 3:40: 8 2002 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id BC36A37B416 for ; Thu, 21 Feb 2002 03:40:01 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g1LBe1V71643; Thu, 21 Feb 2002 03:40:01 -0800 (PST) (envelope-from gnats) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id D04B137B400 for ; Thu, 21 Feb 2002 03:32:23 -0800 (PST) Received: (from nobody@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g1LBWN570853; Thu, 21 Feb 2002 03:32:23 -0800 (PST) (envelope-from nobody) Message-Id: <200202211132.g1LBWN570853@freefall.freebsd.org> Date: Thu, 21 Feb 2002 03:32:23 -0800 (PST) From: Vlado To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-1.0 Subject: conf/35178: ipfilter for IPV6 not availlable in rc.* Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 35178 >Category: conf >Synopsis: ipfilter for IPV6 not availlable in rc.* >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Feb 21 03:40:01 PST 2002 >Closed-Date: >Last-Modified: >Originator: Vlado >Release: STABLE >Organization: >Environment: FreeBSD pc042.otanner9.kas.tut.fi 4.5-STABLE FreeBSD 4.5-STABLE #0: Mon Feb 18 13:57:17 EET 2002 vlado@pc042.otanner9.kas.tut.fi:/usr/obj/usr/src/sys/Ifrit i386 >Description: When ipfilter is enabled in rc.conf, it loads firewall rules for IP4. To load rules for IPV6, it's necessary to use ipf -6 . Thus to use ipfilter on ipv6 enabled computer, hack to rc.network is necessary, to load also rules for ipv6 otherwise if kernel option IPFILTER_DEFAULT_BLOCK is used, ipv6 trafic if blocked by default... >How-To-Repeat: >Fix: Add ipfilter6_rules to rc.conf, giving it rules files for ipv6. Add ipfilter test to rc.network6 and load rules if desired. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message