Hi Julian and Terrence,
Thanks for your tests!
I'm now convinced there is a bug in ipfw.
As Terrence and I tested, ipfw is matching rules, and reporting in the
log, that IPv6 traffic between local IPv6 addresses (from me6 to me6)
using an interface other than lo0.
e.g.
ipfw: 1 Count
On 2/15/12 1:44 PM, Freek Dijkstra wrote:
Hi Julian and Terrence,
Thanks for your tests!
I'm now convinced there is a bug in ipfw.
As Terrence and I tested, ipfw is matching rules, and reporting in the
log, that IPv6 traffic between local IPv6 addresses (from me6 to me6)
using an interface
Julian Elischer wrote:
can you actually put them in an official bug report?
Done for the first report. I'll follow up once it is approved.
Do you have any comments about the second problem?
(unlike the first, that only seem to occur with ICMPv6 traffic).
The bug report page was new; I was
Freek Dijkstra wrote:
can you actually put them in an official bug report?
Done for the first report. I'll follow up once it is approved.
http://www.freebsd.org/cgi/query-pr.cgi?pr=165190
(It seems I mis-categorised it: I marked it i386, since that was the
platform I used for testing; it
Hi,
I added a few rules to my firewall to prevent spoofing source IP
addresses. I encountered some (to me) unexpected behaviour where IPv6
traffic originating at the host would match an ipfw rule with in and
recv interface set.
I very much appreciate it if someone could replicate the following
On 2/14/12 2:02 PM, Freek Dijkstra wrote:
Hi,
I added a few rules to my firewall to prevent spoofing source IP
addresses. I encountered some (to me) unexpected behaviour where IPv6
traffic originating at the host would match an ipfw rule with in and
recvinterface set.
I very much appreciate it
On Tue, 14 Feb 2012 at 23:02:26, Freek Dijkstra wrote:
Hi,
I added a few rules to my firewall to prevent spoofing source IP
addresses. I encountered some (to me) unexpected behaviour where IPv6
traffic originating at the host would match an ipfw rule with in and
recv interface set.
I very