Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 7 Aug 2005 19:09:56 +0000 (UTC)
From:      "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
To:        FreeBSD ipfw mailing list <freebsd-ipfw@freebsd.org>
Subject:   ipfw ipv6 problems + patch needing review
Message-ID:  <Pine.BSF.4.53.0508071827560.62130@e0-0.zab2.int.zabbadoz.net>

Next in thread | Raw E-Mail | Index | Archive | Help
Hi,

with the current implementation of ipfw + IPv6 we ran into a number
of problems.

1st category: syntax. You will find some information about this
on the page at [1].

2nd category: functionality. There had been problems with extension
headers and reading the code we discovered that there was no logging
for IPv6 *joy*. I got told that no reject code for v6 is another
showstopper for moving from ip6fw to ipfw.


There is a   patch at [2]   to address the extension header bug,
Ipv6 logging and TCP RST/ICMPv6 unreach features.
I need feedback on this to get it in before 6.0 so please test
and review and let me know.

The idea is to give people one clear set of things for ipv4 and
one clear set for ipv6. When running v6 using ip or any is almost
impossible with the current implementation apart from the default
rule.

It's a fixup patch to get the functionality in for 6.0 and leave
the cleanup for later. Not more not less.


Greetings
Bjoern A. Zeeb

[1] http://sources.zabbadoz.net/freebsd/ipfw-v6.html
[2] http://sources.zabbadoz.net/freebsd/patchset/ip_fw2.c-rev.1.106-10.diff

-- 
Bjoern A. Zeeb				bzeeb at Zabbadoz dot NeT



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.53.0508071827560.62130>