From owner-freebsd-stable  Sun Dec 10 15: 7:57 2000
From owner-freebsd-stable@FreeBSD.ORG  Sun Dec 10 15:07:54 2000
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from smtp2.cluster.oleane.net (smtp2.cluster.oleane.net [195.25.12.17])
	by hub.freebsd.org (Postfix) with ESMTP id 10ADC37B400
	for <freebsd-stable@freebsd.org>; Sun, 10 Dec 2000 15:07:49 -0800 (PST)
Received: from diabolic-cow.chatgris.net (dyn-1-1-015.Orl.dialup.oleane.fr [195.25.26.15]) by smtp2.cluster.oleane.net with ESMTP id eBAN7jO46474 for <freebsd-stable@freebsd.org>; Mon, 11 Dec 2000 00:07:46 +0100 (CET)
Received: by diabolic-cow.chatgris.net (Postfix, from userid 1000)
	id 8016E27D; Mon, 11 Dec 2000 00:05:51 +0100 (CET)
Date: Mon, 11 Dec 2000 00:05:51 +0100
From: =?iso-8859-1?Q?R=E9mi_Guyomarch?= <rguyom@pobox.com>
To: freebsd-stable@freebsd.org
Subject: Re: IPFIREWALL or IPFILTER?
Message-ID: <20001211000551.F22773@diabolic-cow.chatgris.net>
References: <Pine.BSF.4.21.0012031955270.59659-100000@ipamzlx.physik.uni-mainz.de> <00dd01c05e2e$e42a0700$0b6cffc8@infolink.com.br> <20001209112247.A22773@diabolic-cow.chatgris.net> <002301c062bd$2aeb0440$0b6cffc8@infolink.com.br> <20001210202817.C22773@diabolic-cow.chatgris.net> <20001210232204.A1972@genesis.k.pl>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
User-Agent: Mutt/1.2.5i
In-Reply-To: <20001210232204.A1972@genesis.k.pl>; from ns88@k.pl on Sun, Dec 10, 2000 at 11:22:04PM +0100
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sun, Dec 10, 2000 at 11:22:04PM +0100, Tomasz Paszkowski wrote:
> On Sun, Dec 10, 2000 at 08:28:17PM +0100, Rémi Guyomarch wrote:
> > Can you redirect traffic to many internal boxes with a round-robin
> > mechanism ?
> 
> man natd

You got me on that one ;-)

Ok, so I add another one : does ipfw support IPv6 stateful filtering ?
Yes, ipfw can filter IPv6 packets, but :
- reading the source, it seems to me that ip6fw doesn't have his IPv4
counterpart's stateful additions.
- the source is not in the same file, which imply that the two
filters might not have the same behaviour / possibilities.
- if any, where are those differences documented ?

And yes, the ipfilter shipped in fbsd-4.2 isn't configured to filter
IPv6. I don't know exactly why, but the patch is in ipfilter's 3.4.14
distribution.

-- 
Rémi


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message