[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: IPv6/IPv4 tunnel on Solaris 8 and ipfilter
From:       Darren Reed <darrenr () reed ! wattle ! id ! au>
Date:       2001-12-24 18:13:06
[Download RAW message or body]

In some email I received from Nicolas Dorfsman, sie wrote:
>   Hi,
> 
> I've configured IPv6 tunneled into IPv4 thru freenet6 service on my 
> Sun/sparc box (Solaris 8).
> It works fine.
> The issue is on ipfilter. It doesn't seem to filter anything on ip.tun0 
> or ip.tun0:1 interface !
> 
> extract of my ipf.conf :
> 
> # IPv6
> pass in quick on ppp0 proto ipv6 from TUNNEL-dst to TUNNEL-src

Does this work ?

> block in log quick on ip.tun0 all

This should get hit.

> block in log quick on ip.tun0:1 all

That won't work.

> block out log on ip.tun0 all

This should get hit.

> block out log on ip.tun0:1 all

That won't work.

btw, you cannot have an IPv4 & IPv6 tunnel between the same pair of
hosts in Solaris9, like Solaris8 :-(

try this:

echo 'block out log on ip.tun0 all' | ipf -6f -
echo 'block int log on ip.tun0 all' | ipf -6f -

You may have to up/down the interfaces after loading ipfilter to make
it work.

Darren
[prev in list] [next in list] [prev in thread] [next in thread]