pf/pfctl loading CIDR tables & IPv6

J. Hellenthal jhellenthal at dataix.net
Sat Nov 14 18:49:19 UTC 2020


Well shoot! I don’t even think about going down that rabbit hole. Thank you. 

Wondering if it would be more useful tho to skip past those formatting errors to continue reading the rest of the list instead of just discarding the results and not loading the remainder.

I’ll be in touch with ip2location as well.

-- 
 J. Hellenthal

The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume.

> On Nov 14, 2020, at 12:39, John-Mark Gurney <jmg at funkthat.com> wrote:
> 
> J. Hellenthal via freebsd-security wrote this message on Sat, Nov 14, 2020 at 10:58 -0600:
>> Hoping someone might be able to shed some light on this and get to a conclusion faster than I have time for right now.
>> 
>> 
>> But while loading a CIDR formatted list with "#" comments from [1] I am getting the following error for multiple entries >10 and results in only the partial list being loaded into the table... The settings to download the file[2] are from the Russian Federation, IPv6 and in CIDR format.
>> 
>> ... (pfctl -v -t blacklist -T add -f [...]
>> No ALTQ support in kernel
>> ALTQ related functions disabled
>> no IP address found for 2001:BB6:6A10:4200:58D7:5934:7
> 
> Well, this isn't a valid ipv6 address.  There are only 7 segments,
> where as an ipv6 address needs 8.  There is not a :: to fill out the
> missing segment.
> 
> -- 
>  John-Mark Gurney                Voice: +1 415 225 5579
> 
>     "All that I will do, has been done, All that I have, has not."
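
Added example, not part of the original thread: a pre-filter that drops "#" comments and malformed entries from a CIDR list so that one bad line does not stop the rest from being loaded into the table. The function names and the sample list are constructed for illustration; only the 7-group address is taken from the error quoted above.

```python
#!/usr/bin/env python3
"""Pre-filter a CIDR list before giving it to `pfctl -t <table> -T add -f`."""
import ipaddress
import sys

# Constructed sample input; only the 7-group address comes from the thread.
SAMPLE = """\
# constructed sample list
2001:db8::/32
192.0.2.0/24   # trailing comment
2001:BB6:6A10:4200:58D7:5934:7
2001:db8:1::1/64

198.51.100.300/24
"""


def filter_entries(lines):
    """Return (valid, rejected) for an iterable of text lines.

    valid    -- normalized network strings, in input order
    rejected -- (line_number, entry, reason) tuples for malformed entries
    """
    valid, rejected = [], []
    for lineno, raw in enumerate(lines, start=1):
        entry = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if not entry:
            continue
        try:
            # strict=False accepts host bits and masks them (assumption:
            # a prefix entry is meant as the enclosing network).
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError as exc:
            rejected.append((lineno, entry, str(exc)))
            continue
        valid.append(str(net))
    return valid, rejected


def main(argv):
    """Filter the file named in argv[1], or the built-in sample."""
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8", errors="replace") as fh:
            valid, rejected = filter_entries(fh)
    else:
        valid, rejected = filter_entries(SAMPLE.splitlines())
    for lineno, entry, reason in rejected:
        print(f"line {lineno}: skipped {entry!r}: {reason}", file=sys.stderr)
    print("\n".join(valid))
    return 1 if rejected else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Redirect standard output to a file and load that file with the same `pfctl -t blacklist -T add -f` command; the skipped lines are reported on standard error, and the exit status is non-zero when anything was skipped.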

