Date: Mon, 02 Aug 2004 15:05:19 +0200 From: Roderick van Domburg <r.s.a.vandomburg@student.utwente.nl> To: freebsd-sparc64@freebsd.org, freebsd-ipfw@freebsd.org Subject: Does ip6fw work for you on sparc64? Message-ID: <410E3C0F.20403@student.utwente.nl>
next in thread | raw e-mail | index | archive | help
Hello everybody,
Does ip6fw work for any sparc64 owners? It hasn't been working correctly
for me for as long as I can remember. Behavior is very erratic: allow
ipv6 works, but allow {tcp|udp} doesn't. Such rules do show up in the
traffic counter, but really don't allow any traffic passing it at all.
I run a sparc64 with a world from 2004-08-02. Here's my firewall
configuration:
00100 allow ipv6 from any to any via lo0
00200 deny ipv6 from any to ::1
00300 deny ipv6 from ::1 to any
00400 allow ipv6-icmp from :: to ff02::/16
00500 allow ipv6-icmp from fe80::/10 to fe80::/10
00600 allow ipv6-icmp from fe80::/10 to ff02::/16
00700 allow ipv6 from fe80::/10 to ff02::/16
00800 allow ipv6 from 2001:610:1908:8000::/64 to ff02::/16
00900 allow tcp from any to any established
01000 allow ipv6 from any to any frag
01100 allow tcp from any to 2001:610:1908:8000:a00:20ff:fecf:c01b 25 setup
01200 allow tcp from any to 2001:610:1908:8000:a00:20ff:fecf:c01b 80 setup
01300 allow tcp from 2001:610:1908:8000:a00:20ff:fecf:c01b to any setup
01400 deny tcp from any to any setup
01500 allow udp from any 53 to 2001:610:1908:8000:a00:20ff:fecf:c01b
01600 allow udp from 2001:610:1908:8000:a00:20ff:fecf:c01b to any 53
01700 allow udp from any 123 to 2001:610:1908:8000:a00:20ff:fecf:c01b
01800 allow udp from 2001:610:1908:8000:a00:20ff:fecf:c01b to any 123
01900 allow ipv6-icmp from any to any icmptype 33
02000 allow ipv6-icmp from any to any icmptype 34
65535 deny ipv6 from any to any
Any ideas?
Regards,
Roderick
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?410E3C0F.20403>