FreeBSD Bugzilla – Attachment 78259 Details for
Bug 112579
[request] No ipv6 related pf examples in /usr/share/examples/pf
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
pf_ipv6host.conf.txt
pf_ipv6host.conf.txt (text/plain), 2.09 KB, created by
Mohacsi Janos
on 2007-05-10 19:00:11 UTC
(
hide
)
Description:
pf_ipv6host.conf.txt
Filename:
MIME Type:
Creator:
Mohacsi Janos
Created:
2007-05-10 19:00:11 UTC
Size:
2.09 KB
patch
obsolete
># Required order: options, normalization, queueing, translation, filtering. ># Macros and tables may be defined and used anywhere. ># Note that translation rules are first match while filter rules are last match. ># CHANGE to your network interface card!!! >ext_if="fxp0" > >#block everything >block in log all >block out log all >#allow everything for loopback >pass in quick on lo0 all >pass out quick on lo0 all >#allow all outgoing packets >pass out quick proto tcp from $ext_if to any keep state >pass out quick proto udp from $ext_if to any keep state >pass out quick inet proto icmp from $ext_if to any keep state >pass out quick proto ipv6-icmp from any to any keep state ># ICMPv6 is less auxiliary in IPv6 than ICMP in IPv4. ># See RFC 4890 about more detailed treatment. ># supported icmp6-types: ># unreach 1 Destination unreachable ># toobig 2 Packet too big ># timex 3 Time Exceeded ># paramprob 4 Parameter problem ># echoreq 128 Echo Request ># echorep 129 Echo Reply ># groupqry 130 ICMPv6 Membership query ># listqry 130 MLD listener query ># grouprep 131 ICMPv6 membership report ># listenrep 131 MLD listener report ># groupterm 132 ICMPv6 membership termination ># listendone 132 MLD listener done ># routersol 133 ND router solicitation ># routeradv 134 ND router advertisement ># neighbrsol 135 ND neighbor solicitation ># neighbradv 136 ND neighbor advertisement ># redir 137 ND redirection ># routerrenum 138 ICMPv6 router renumbering ># wrureq 139 Who are you request ># wrurep 140 Who are you reply ># fqdnreq 139 ICMPv6 Fully Qualified Domain Name Query ># fqdnrep 140 ICMPv6 Fully Qualified Domain Name Reply ># nireq 139 Neighbor Information Query ># nirep 140 Neighbor Information Reply ># mtraceresp 200 MLD Multicast trace response ># mtrace 201 MLD Multicast trace ># ># Allow all incoming icmpv6 packee >pass in quick proto ipv6-icmp from any to any ># Allow only bare essential icmpv6 packets (NS, NA, and RA) >#pass in quick inet6 proto ipv6-icmp from any to any icmp6-type {neighbradv,neighbrsol,routeradv} >#enable to ssh access >pass in quick proto tcp from any to any port = 22
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=78259">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 112579
: 78259 |
78260