Bug 247772

Summary: IPv6 hostname is not resolving while adding new rule
Product: Base System Reporter: Aleksey Bondarenko <alexei.bond>
Component: kernAssignee: freebsd-ipfw (Nobody) <ipfw>
Status: New ---    
Severity: Affects Some People CC: evgeniy, nc
Priority: ---    
Version: 12.1-RELEASE   
Hardware: Any   
OS: Any   

Description Aleksey Bondarenko 2020-07-05 09:22:06 UTC
ipfw -q add 00100 allow tcp from ipv6.google.com to me in via vtnet0 setup
gives this error:
ipfw: hostname ``ipv6.google.com'' unknown

At the same time, the host is resolved correctly:
host ipv6.google.com
ipv6.google.com is an alias for ipv6.l.google.com.
ipv6.l.google.com has IPv6 address 2404:6800:4004:81c::200e
Comment 1 Mark Linimon freebsd_committer freebsd_triage 2020-07-05 18:25:33 UTC
Assign to list.

FYI to submitter: with Bugzilla, we have switched away from the necessity for [tag], which was a hack for GNATS.
Comment 2 Neel Chauhan freebsd_committer 2020-07-06 03:19:58 UTC
This review could be related: https://reviews.freebsd.org/D23888
Comment 3 Neel Chauhan freebsd_committer 2020-07-06 03:51:30 UTC
Never mind, isn't related (I tested it myself)
Comment 4 Evgeniy Khramtsov 2020-08-18 22:14:59 UTC
(In reply to Aleksey Bondarenko from comment #0)

Do you still have this issue if you try

ipfw -q add 00100 allow src-ip6 ipv6.google.com dst-ip6 me proto tcp in via vtnet0 setup


From ipfw man page:

The rule body has the following format:

[proto from src to dst] [options]

The first part (proto from src to dst) is for backward compatibility with
earlier versions of FreeBSD.  In modern FreeBSD any match pattern (in-
cluding MAC headers, IP protocols, addresses and ports) can be specified
in the options section.
Comment 5 Evgeniy Khramtsov 2020-08-18 22:17:46 UTC
(In reply to Evgeniy Khramtsov from comment #4)

IIRC, here "me" works as "me6" in FreeBSD 13.
If the command does not work for you, then change "me" to "me6".
Comment 6 Aleksey Bondarenko 2020-08-29 13:38:31 UTC
(In reply to Evgeniy Khramtsov from comment #5)
ipfw -q add 00100 allow src-ip6 ipv6.google.com dst-ip6 me proto tcp in via vtnet0 setup
works fine, thank you!