From owner-freebsd-questions Tue Jan 28 6:30:49 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9C8D437B401 for ; Tue, 28 Jan 2003 06:30:48 -0800 (PST) Received: from smnolde.com (c-24-98-61-182.atl.client2.attbi.com [24.98.61.182]) by mx1.FreeBSD.org (Postfix) with ESMTP id CE93743F3F for ; Tue, 28 Jan 2003 06:30:47 -0800 (PST) (envelope-from scott@smnolde.com) Received: from [192.168.10.7] (helo=bsd.smnolde.com) by smnolde.com with esmtp (TLSv1:DES-CBC3-SHA:168) (Exim 3.36 #1) id 18dWlD-00057N-00 for freebsd-questions@freebsd.org; Tue, 28 Jan 2003 09:30:47 -0500 Received: from scott by bsd.smnolde.com with local (Exim 3.36 #1) id 18dWlD-000MqL-00 for freebsd-questions@freebsd.org; Tue, 28 Jan 2003 09:30:47 -0500 Date: Tue, 28 Jan 2003 09:30:47 -0500 From: "Scott M. Nolde" To: freebsd-questions@freebsd.org Subject: using ipf and ipv6 Message-ID: <20030128143046.GE83557@smnolde.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4i X-GPG_Fingerprint: 0BD6 DDB4 2978 EB60 E0C8 33F2 BC34 9087 D869 AB48 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I'm using a combination of ipfw+dummynet (for queing and traffic shaping) and ipf+ipnat for the majority of my packet filtering needs. However, the one thing I haven't figured out is how to allow ipf pass ipv6. Ipfw has a default allow rule, and so does ip6fw. Ipf has will pass in and out all ipv6. Hoever, even with that, no ipv6 packets are routed across my LAN. rtadvd is running on the box with ipv6 gif to he.net. I also see the following in my ipmon logs when I log all ipv6: ipmon[83]: 09:28:00.330918 2x fxp1 @0:60 p 68.41.48.15 -> 24.98.61.182 PR ipv6 len 20 (192) IN Rule 60 on the inbound ruleset is: 374 pass in log proto ipv6 from any to any which indicates packets are matching that rule. Cann anyone offer some advice or throw a url at me with ipv6 syntax with ipf? Thanks -- Scott Nolde GPG Key 0xD869AB48 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message