ipfw keep-state + IPv6 on FreeBSD 7
Peter Kieser
peter at wingless.org
Mon Oct 22 12:14:15 PDT 2007
Hello,
I'm having problems with ipfw + IPv6 keep-state rules, if I use a
keep-state rule on IPv6 it will only work intermittently (eg. I can
connect to an FTP site with IPv6 and start to grab a file, but it will
stall after a few seconds). I am using deny all by default on ipfw, my
ruleset is as follows (em0 is my external interface):
add check-state
add allow all from any to any via lo0
add allow all from any to any out via em0 keep-state
The keep-state works fine for IPv4 traffic, but IPv6 traffic
connectivity will only work intermittently with the above ruleset. I am
running a RELENG_7 cvsuped/built on Tue Oct 16:
FreeBSD akuma.pfak.org 7.0-PRERELEASE FreeBSD 7.0-PRERELEASE #1: Tue Oct
16 18:30:20 PDT 2007
peter at akuma.pfak.org:/usr/obj/usr/src/sys/AKUMA i386
Any hints? Is IPv6 + keep-state broken on 7.0?
Thank you,
-Peter
More information about the freebsd-questions
mailing list