The default PF ruleset as setup by rc is too restrictive. Have the default
ruleset allow for DHCPv6.
Index: rc
===================================================================
RCS file: /home/cvs/src/etc/rc,v
retrieving revision 1.419
diff -u -p -u -p -r1.419 rc
--- rc 3 Jan 2014 23:24:19 -0000 1.419
+++ rc 9 Jan 2014 20:47:07 -0000
@@ -330,6 +330,8 @@ if [ X"${pf}" != X"NO" ]; then
RULES="$RULES\npass in inet6 proto icmp6 all icmp6-type
neighbradv"
RULES="$RULES\npass out inet6 proto icmp6 all icmp6-type
routersol"
RULES="$RULES\npass in inet6 proto icmp6 all icmp6-type
routeradv"
+ RULES="$RULES\npass out inet6 proto udp from any port
dhcpv6-client to any port dhcpv6-server"
+ RULES="$RULES\npass in inet6 proto udp from any port
dhcpv6-server to any port dhcpv6-client"
fi
RULES="$RULES\npass proto carp keep state (no-sync)"
case `sysctl vfs.mounts.nfs 2>/dev/null` in
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
