pf/pfctl loading CIDR tables & IPv6
John-Mark Gurney
jmg at funkthat.com
Sat Nov 14 18:39:18 UTC 2020
J. Hellenthal via freebsd-security wrote this message on Sat, Nov 14, 2020 at 10:58 -0600:
> Hoping someone might be able to shed some light on this and get to a conclusion faster than I have time for right now.
>
>
> But while loading a CIDR formatted list with ???#??? comments from [1] I am getting the following error for multiple entries >10 and results in the only the partial list being loaded into the table??? The settings to download the file[2] are from the Russian Federation, IPv6 and in CIDR format.
>
> ??? (pfctl -v -t blacklist -T add -f [???]
> No ALTQ support in kernel
> ALTQ related functions disabled
> no IP address found for 2001:BB6:6A10:4200:58D7:5934:7
Well, this isn't a valid ipv6 address. There are only 7 segments,
where as an ipv6 address needs 8. There is not a :: to fill out the
missing segment.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the freebsd-security
mailing list