Hi!

I have this kind of rule in my firewall (NetBSD/i386 3.0 with ipf 4.1.8):


block in on wm2 from any to any head 6902
  ...
  pass in quick proto ipv6-icmp from any to any icmp-type echo \
    keep state keep frags group 6902
  ...
  block in log quick from any to any group 6902


The first rule does not work; it simply prints these kinds of log entries
when running "ping6 www.kame.net" (@6902:15 is the last block line).


Oct 31 12:43:18 fw ipmon[306]: 12:43:18.134713 wm2 @6902:15 b xxxx:xxxx:xxxx:xxxx:211:11ff:fe36:8b4f -> 2001:200:0:8002:203:47ff:fea5:3085 PR icmpv6 len 40 104 icmpv6 echo/0 IN


If I remove "icmp-type echo" from the first rule things work just fine.
What am I doing wrong?

Martti
