Date: Sun, 1 Jul 2001 10:54:01 -0700 From: "matt" <matt-l@pacbell.net> To: "Niels Chr. Bank-Pedersen" <ncbp@bank-pedersen.dk>, <current@freebsd.org> Subject: Re: ipfilter+ipv6 - what am I missing? Message-ID: <005701c10256$d5361960$6503c23f@XGforce.com> References: <20010701142120.C770@bank-pedersen.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
I don't think ipf is complete in its ipv6 support yet.You can use ipfw instead. ====================================== WWW.XGFORCE.COM The Next Generation Load Balance and Fail Safe Server Clustering Software for the Internet. ====================================== ----- Original Message ----- From: Niels Chr. Bank-Pedersen <ncbp@bank-pedersen.dk> To: <current@freebsd.org> Sent: Sunday, July 01, 2001 5:21 AM Subject: ipfilter+ipv6 - what am I missing? > Hi, > > On yesterdays -current I'm having some problems making ipfilter > DTRT with ipv6 packets: > > bm# ipfstat -6io > block out quick on xl0 from any to any > block out quick on vx0 from any to any > block in quick on xl0 from any to any > block in quick on vx0 from any to any > > (passing ipv6 traffic) > > bm# ipfstat -6 > IPv6 packets: in 0 out 0 > > Even with the above ruleset installed, ipfilter doesn't block > any traffic at all, and counters for ipv6 packets remains at > zero while successfully running various ipv6 sessions through > the firewall, so what am I missing here? > > Feel free to flame me if I am missing the obvious :-) > > > /Niels Chr. > > -- > Niels Christian Bank-Pedersen, NCB1-RIPE. > Network Manager, TDC, IP-section. > > "Hey, are any of you guys out there actually *using* RFC 2549?" > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?005701c10256$d5361960$6503c23f>