Date: Sat, 14 Nov 2020 10:39:08 -0800 From: John-Mark Gurney <jmg@funkthat.com> To: "J. Hellenthal" <jhellenthal@dataix.net> Cc: freebsd-security@freebsd.org Subject: Re: pf/pfctl loading CIDR tables & IPv6 Message-ID: <20201114183908.GL31099@funkthat.com> In-Reply-To: <A9F52180-F642-430D-8D53-C92CBE6C6049@dataix.net> References: <A9F52180-F642-430D-8D53-C92CBE6C6049@dataix.net>
next in thread | previous in thread | raw e-mail | index | archive | help
J. Hellenthal via freebsd-security wrote this message on Sat, Nov 14, 2020 at 10:58 -0600:
> Hoping someone might be able to shed some light on this and get to a conclusion faster than I have time for right now.
>
>
> But while loading a CIDR formatted list with ???#??? comments from [1] I am getting the following error for multiple entries >10 and results in the only the partial list being loaded into the table??? The settings to download the file[2] are from the Russian Federation, IPv6 and in CIDR format.
>
> ??? (pfctl -v -t blacklist -T add -f [???]
> No ALTQ support in kernel
> ALTQ related functions disabled
> no IP address found for 2001:BB6:6A10:4200:58D7:5934:7
Well, this isn't a valid ipv6 address. There are only 7 segments,
where as an ipv6 address needs 8. There is not a :: to fill out the
missing segment.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20201114183908.GL31099>