On Tue, Aug 17, 2010 at 08:01:35AM -0400, Simon Perreault wrote: > Block router advertisements on carp interfaces? > > block on carpX inet6 proto icmp6 all icmp6-type routeradv
PF treats traffic that arrives on the carp interface as if it had arrived on the 'carpdev' interface, so this rule will never match. We should probably make pfctl spit out an error when carpX is used in this context.
