Date: Mon, 22 Dec 2008 16:15:35 +0100 From: beni <beni@brinckman.info> To: freebsd-questions@freebsd.org Subject: kernel options for ipv6 firewall Message-ID: <200812221615.36177.beni@brinckman.info>
next in thread | raw e-mail | index | archive | help
Hi, I'm trying to reconfigure and recompile my kernel to use a ipv6 firewall. So far I added this to the kernel (from http://techie.devnull.cz/ipv6/ipfw2- ipv6-dummynet/) : # IPFW2 options IPFW2 options IPFIREWALL_VERBOSE #enable logging to syslogd(8) options IPFIREWALL_FORWARD #enable transparent proxy support options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default and I tried this also (from http://www.kame.net/~suz/freebsd-ipv6-config- guide.txt) : options IPV6FIREWALL #options IPV6FIREWALL_VERBOSE #options IPV6FIREWALL_VERBOSE_LIMIT=100 #options IPV6FIREWALL_DEFAULT_TO_ACCEPT But all I get is an "unknown option" error when I do a make buildkernel. I've added also this to my /etc/rc.conf : #IPv6 gateway6_enable="YES" ipv6_enable="YES" #ipv6_gateway_enable="YES" #ipv6_router_enable="YES" ipv6_network_interfaces="vr0 tun0" # Enable ip6fw. ipv6_firewall_enable="YES" ipv6_firewall_type="client" # ipv6_firewall_quiet="NO" ipv6_firewall_quiet="YES" # suppress rule display. (By default, it's NO) ipv6_firewall_logging="YES" # enable events logging. (By default, it's NO) ipv6_firewall_flags="" # Flags passed to ip6fw when type is a "filename" pf is enabled for ipv4. So what option(s) do I need to use a ipv6 firewall in my kernel ? -- Beni.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200812221615.36177.beni>