On Wed, Jun 27, 2012 at 3:07 PM, Seth Mos <seth....@dds.nl> wrote:
> > I would like add a HE IPv6 tunnel to two of my servers without adding a
> tunnel for the whole network.
> > I was looking at adding an option for each 1:1 to forward protocol 41
> just for that public IP. (maybe a checkbox on the 1:1 create/edit page)
> > Is there any reason this would not work?
>
> Theoretically not impossible. A port forward might be a better match
> though, rdr is a forward, binat is a 1:1, don't think binat allows for
> protocol selection.
>
> > If I understand the code correctly, a rule would look something like:
> > rdr on {$natif} proto ipv6 from any to {$dstaddr} -> {$target}
>
> binat on {$natif} proto 41 from {$endpoint} to {$dstaddr}
>
Looking at /tmp/rules.debug:
I already have
binat on em2 from 192.168.118.60 to any -> 71.__.__.87
but it seems that proto41 is not being passed.
I added this rule to check that it is not the problem:
pass in quick on $WAN reply-to ( em2 71.__.__.1 ) from any to
192.168.118.60 keep state label "USER_RULE"
Am I looking at this wrong?
_______________________________________________
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
