PF vs. ping6

Colin Brace cb at lim.nl
Fri Feb 22 00:14:57 UTC 2008


Hi all,

I am trying to set up a IPv6 tunnel following the instructions in the
handbook <http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ipv6.html>.
aiccu starts ok:

# sixxs-aiccu start
Tunnel Information for T14342:
POP Id      : nlams05
IPv6 Local  : xxxxxxxxxxxxxxxxx2/64
IPv6 Remote : xxxxxxxxxxxxxxxxx1/64
Tunnel Type : 6in4-heartbeat
Adminstate  : enabled
Userstate   : enabled

I can ping6 localhost, I can ping6 the tunnel begin point (local), but
I can't ping6 the (remote) end point. Firing up tcpdump, I see that
the firewall is blocking the ping packets.

I have these (provisional) rules at the top of the filter section in PF:

pass quick on fxp0 inet6 # ext if
pass quick on gif0 inet6

to no avail; PF is still blocking ping6. Am I missing something here?

-- 
 Colin Brace
 Amsterdam
 http://lim.nl


More information about the freebsd-questions mailing list