Date: Tue, 5 Jun 2012 15:12:06 -0700 (PDT) From: Jason Usher <jusher71@yahoo.com> To: freebsd-questions@freebsd.org Subject: implementing ipv6 into my ipfw ruleset... Message-ID: <1338934326.88519.YahooMailClassic@web122502.mail.ne1.yahoo.com>
next in thread | raw e-mail | index | archive | help
I have a fairly simple ipfw ruleset, which looks like: 100 allow tcp from any to any established 110 allow icmp from any to any icmptypes 0,3,8,11 120 deny icmp from any to any 130 allow ip from any to any via lo0 200 allow udp from me to any 53 210 allow udp from any 53 to me 220 allow udp from any to me 33433-33499 230 allow tcp from any to 82.197.184.219 22,80,443 setup 65000 deny log ip from any to me 65001 deny log ip from any to me6 What I am wondering is, am I blocking all ipv6 traffic by not explicitly allowing ipv6 in (for the established rule 100, icmp rule 110, and the entire block of 200-230) ? Or, since that is all tcp/udp/icmp, it doesn't matter, and I am properly allowing in ipv6 traffic, but ONLY for the tcp/udp ports I specify, and then blocking the rest ? Basically: how is my ruleset treating ipv6 traffic (other than the fact that, at the end of the set, I deny all ipv6 that has gotten to that point) thank you.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1338934326.88519.YahooMailClassic>