here you go:
# sysctl -a | grep ip6
kern.malloc.kmemnames=free,,devbuf,debug,pcb,routetbl,,fragtbl,,ifaddr,soopts,sysctl,,,ioctlops,,,,,iov,mount,,NFS_req,NFS_mount,,vnodes,namecache,UFS_quota,UFS_mount,shm,VM_map,sem,dirhash,ACPI,VM_pmap,,,,file,file_desc,,proc,subproc,VFS_cluster,,,MFS_node,,,Export_Host,NFS_srvsock,,NFS_daemon,ip_moptions,in_multi,ether_multi,mrt,ISOFS_mount,ISOFS_node,MSDOSFS_mount,MSDOSFS_fat,MSDOSFS_node,ttys,exec,miscfs_mount,,,,,,,,,,pfkey_data,tdb,xform_data,,pagedep,inodedep,newblk,,,indirdep,,,,,,,,,VM_swap,,,,,RAIDframe_data,UVM_amap,UVM_aobj,,USB,USB_device,USB_HC,,memdesc,,,crypto_data,,IPsec_creds,packet_tags,,,emuldata,,,,,,,,,ip6_options,NDP,,,temp,NTFS_mount,NTFS_node,NTFS_fnode,NTFS_dir,NTFS_hash_tables,NTFS_file_attr,NTFS_resident_data_,NTFS_decomp,NTFS_vrun,kqueue,bluetooth,bwmeter,UDF_mount,UDF_file_entry,UDF_file_id,Bluetooth_HID,AGP_Memory,DRM
kern.malloc.kmemstat.ip6_options=(inuse = 2, calls = 27794, memuse = 1K,
limblocks = 0, mapblocks = 0, maxused = 6K, limit = 39322K, spare = 0,
sizes = (32,128))
net.inet6.ip6.forwarding=1
net.inet6.ip6.redirect=1
net.inet6.ip6.hlim=64
net.inet6.ip6.mrtproto=103
net.inet6.ip6.maxfragpackets=200
net.inet6.ip6.accept_rtadv=0
net.inet6.ip6.keepfaith=0
net.inet6.ip6.log_interval=5
net.inet6.ip6.hdrnestlimit=10
net.inet6.ip6.dad_count=1
net.inet6.ip6.auto_flowlabel=1
net.inet6.ip6.defmcasthlim=1
net.inet6.ip6.kame_version=OpenBSD-current
net.inet6.ip6.use_deprecated=1
net.inet6.ip6.rr_prune=5
net.inet6.ip6.v6only=1
net.inet6.ip6.maxfrags=200
net.inet6.ip6.mforwarding=1
net.inet6.ip6.multipath=0
net.inet6.ip6.multicast_mtudisc=0
net.inet6.ip6.neighborgcthresh=2048
net.inet6.ip6.maxifprefixes=16
net.inet6.ip6.maxifdefrouters=16
net.inet6.ip6.maxdynroutes=4096
net.inet6.ip6.dad_pending=0
Paul de Weerd wrote:
> What does `sysctl net.inet6.ip6.forwarding` say ? It should be set to
> 1...
>
> Cheers,
>
> Paul 'WEiRD' de Weerd
>
> On Tue, Jan 04, 2011 at 03:28:15PM +0100, nothingness wrote:
> | Hi all,
> |
> | I've been trying for a few days to get my ipv6 tunnel to work from my
> | lan. I've got a sixxs.net tunnel with a /48 assigned for my lan. I can
> | connect from the router to irc networks over ipv6 but I'm unable to run
> | traffic out via the gif0 for anything originating from the lan. I can
> | also connect to the router over ipv6 for ssh stuff for ex. I'm
> | completely out of ideas on what to do to get this to work, hope someone
> | will have a suggestion. Here's my pf.conf (I'm running openbsd 4.8 with
> | a generic kernel, patched to latest release):
> |
> | ext_if="bge0"
> |
> | ipv6_if="gif0"
> | ipv6_ip="2001:1620:f00:56::2"
> | ipv6_gw="2001:1620:f00:56::1"
> | ipv6_lan="2001:1620:f2e1::/64"
> | ipv6_lan2="2001:1620:f2e3::/64"
> |
> | int_if="dc0"
> | vpn1_if="tun1"
> | vpn2_if="tun2"
> | vpn3_if="tun3"
> | tcp_services="{ 179, 2027:2037, 5002, 7777, 8296, 46411 }"
> | udp_services="{ 1194, 5003, 5501, 7777, 30000, 46411 }"
> | icmp_types="echoreq"
> | ssh_ports="{ ssh , 1194 }"
> | im_ports="{ icq, msn, ircd, ircd-ssl }"
> |
> | table <ssh-violations> persist file "/etc/ssh-violations"
> | table <spamd-white> persist
> | set block-policy drop
> | set loginterface $ipv6_if
> | set skip on lo
> | set state-policy if-bound
> |
> | match out on $ext_if inet from !($ext_if) nat-to ($ext_if)
> |
> | match in on $int_if proto tcp to ($int_if) port ftp rdr-to 127.0.0.1
> | port 8021
> | match in on $int_if proto tcp to ($int_if) port http rdr-to 127.0.0.1
> | port 3128
> | match in on $ext_if proto tcp to ($ext_if) port smtp rdr-to 127.0.0.1
> | port spamd
> | block in log
> | pass out keep state
> |
> | block drop in log on $ext_if from <ssh-violations> to any
> | block drop in log on $ipv6_if from <ssh-violations> to any
> |
> | #try ipv6 routing
> | pass quick on $ipv6_if proto {ipencap, ipv6}
> | pass quick on $ext_if proto {ipencap, ipv6}
> | pass quick on $ext_if inet6
> | pass quick on $ipv6_if inet6
> |
> | pass in on $ext_if proto udp from any to any port 1194
> | pass in inet proto icmp all icmp-type $icmp_types keep state
> | pass proto 41 from any to any keep state
> | pass quick on $int_if no state
> | pass quick on $vpn1_if no state
> | pass quick on $vpn2_if no state
> | pass quick on $vpn3_if no state
> |
> | #pass quick on $vpn_if inet proto gre any
> | pass quick from 224/7 to any keep state
> |
> |
> | Cheers,
> |
> | Noth
> |
