ipfilter rules for gif ipv6 tunnel

Vince Hoffman jhary at unsane.co.uk
Wed May 12 12:46:03 PDT 2004


Hi all,
        I recently moved to using ipfilter from ipfw (no particular
reason, just wanted to try another option.) The problem now is that where
i used to have an ipv6 tunnel (from the people at http://tunnelbroker.net)
(again no good reason but it gives me a change to try it out for when i
may need to know about it.) the tunnel uses a gif interface to encapulate
ipv6,
this worked fine with ipfw but doesnt seem to work with ipfilter.
i tried adding

pass in quick on fxp0 proto gre all keep state
pass out quick on fxp0 proto gre all keep state

but no joy.
any ideas ? what i need to add to let it pass ?
 i have no rules for ipv6 in ipfilter, but i tried adding an allow all
rule which didnt seem to help.
any ideas appreciated



More information about the freebsd-questions mailing list