ip6fw

[Jasper Jongmans]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 04 Dec 2000, Warren Matthews wrote:
> I'm setting up rules for ip6fw on a machine running FreeBSD 4.2-Release,
> and I'm having trouble getting router advertisements and solicitations
> through for smooth autoconfiguration.
> 
> I see icmp type 134 from my ipv6 router to all ipv6 devices on the 
> outside interface of the firewall (as expected), but nothing gets
> through to the machines connected to the inside interface. I have set
> 
>   allow ipv6-icmp from any to any 
> 
> and 
> 
>    net.inet6.ip6.forwarding=1
> 
> So I would expect the advertisements and solicitations to be accepted on
> one interface and sent out the other. I wonder about the TTL, but I
> would've thought (hoped) the firewall is transparent to allowable
> traffic.
> 
> Has anyone done this, any suggestions ?

I am interested in the rules before the ``allow ipv6-icmp from any to any'' rule. There is probably a rule disallowing the router advertisements and solicitations from getting through.

You can also try to put ``log'' for all deny-rules so you see where exactly the packets are lost.

- -- 
Jasper Jongmans                                            aprogas@mail.com
Website                         http://aprogas.student.utwente.nl/~aprogas/
PGP public key            ftp://aprogas.student.utwente.nl/keys/pgp_dss.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE6K/hRfuu+THq4fAIRAnzwAKDeXnXSXlp94xZY4RdZTHBqCyD5GACg7F/g
6o/XN3CHg0h0xJAKwQdii0I=
=AJdb
-----END PGP SIGNATURE-----