From owner-FreeBSD-users-jp@jp.FreeBSD.org Sat Jan  4 11:34:22 2003
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id h042YMQ41586;
	Sat, 4 Jan 2003 11:34:22 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from plum.freemail.ne.jp (plum.freemail.ne.jp [210.235.164.88])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with SMTP/inet id h042YMG41581
	for <freebsd-users-jp@jp.freebsd.org>; Sat, 4 Jan 2003 11:34:22 +0900 (JST)
	(envelope-from fwtec@plum.freemail.ne.jp)
Received: (qmail 29148 invoked by alias); 4 Jan 2003 11:34:20 +0900
Received: (qmail 29132 invoked from network); 4 Jan 2003 11:34:19 +0900
Received: from unknown (HELO ?192.168.1.6?) (61.121.18.217)
  by plum.freemail.ne.jp with SMTP; 4 Jan 2003 11:34:19 +0900
From: Yuji Tanaka <fwtec@plum.freemail.ne.jp>
To: FreeBSD-users-jp@jp.FreeBSD.org
In-Reply-To: <200301032333.IGH63841.ZBVZBNBT@Red.An.Egg.OR.JP>
References: <20030103215505.791C.FWTEC@plum.freemail.ne.jp> <200301032333.IGH63841.ZBVZBNBT@Red.An.Egg.OR.JP>
Message-Id: <20030104113455.629D.FWTEC@plum.freemail.ne.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-2022-JP"
Content-Transfer-Encoding: 7bit
X-Mailer: Becky! ver. 2.05.06
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Sat, 04 Jan 2003 11:38:05 +0900
X-Sequence: FreeBSD-users-jp 72782
Subject: [FreeBSD-users-jp 72782] Re: 4.6.2-p5 
 =?ISO-2022-JP?B?GyRCJEcbKEI=?= IPv6
 =?ISO-2022-JP?B?GyRCJEsbKEI=?= IPFilter
 =?ISO-2022-JP?B?GyRCJHI7SE1RJDkka0p9SyEkTyQiJGokXhsoQg==?=
 =?ISO-2022-JP?B?GyRCJDskcyQrGyhC?= ?
Errors-To: owner-FreeBSD-users-jp@jp.FreeBSD.org
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: fwtec@plum.freemail.ne.jp
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+021231

$B%l%9$"$j$,$H$&$4$6$$$^$9!#<B$O$9$G$K(B -6 $B%*%W%7%g%s$O$d$C$F$$$F!"0J2<$N(B
$B$h$&$J%(%i!<$K$J$j$^$7$?!#(B

# ipf -Fa -6 -f ipf.ipv6
7: unknown words at end: [with ipopts ]
8: unknown words at end: [with short ]
10: bad host (127.0.0.0)
11: bad host (127.0.0.0)
12: bad host (fe80::7c8e:d4e8:7a0:6662%faith0)
14: bad host (127.0.0.0)
15: bad host (fe80::7c8e:d4e8:7a0:6662%faith0)
16: bad host (fe80::260:97ff:fe44:1671%ep0)
18: bad host (127.0.0.0)
19: bad host (127.0.0.0)
20: bad host (fe80::260:97ff:fe44:1671%ep0)
22: bad host (127.0.0.0)
23: bad host (fe80::260:97ff:fe44:1671%ep0)
24: bad host (fe80::7c8e:d4e8:7a0:6662%faith0)

$B$$$+$K;H$C$F$$$k%k!<%k%U%!%$%k$r(B cat -n ipf.ipv6 $B$7$?7k2L$r=q$-$^$9(B
     1  #
     2  # The following routes should be configured, if not already:
     3  #
     4  # route add      fe80::7c8e:d4e8:7a0:6662%faith0 prefixlen 64 scopeid 0x2  localhost 0
     5  # route add      fe80::260:97ff:fe44:1671%ep0 prefixlen 64 scopeid 0x6  localhost 0
     6  #
     7  block in log quick from any to any with ipopts
     8  block in log quick proto tcp from any to any with short
     9  pass out on faith0 all head 250
    10  block out from 127.0.0.0/8 to any group 250
    11  block out from any to 127.0.0.0/8 group 250
    12  block out from any to    fe80::7c8e:d4e8:7a0:6662%faith0 prefixlen 64 scopeid 0x2 /32 group 250
    13  pass in on faith0 all head 200
    14  block in from 127.0.0.0/8 to any group 200
    15  block in from    fe80::7c8e:d4e8:7a0:6662%faith0 prefixlen 64 scopeid 0x2 /32 to any group 200
    16  block in from    fe80::260:97ff:fe44:1671%ep0 prefixlen 64 scopeid 0x6 /0xffffff00 to any group 200
    17  pass out on ep0 all head 350
    18  block out from 127.0.0.0/8 to any group 350
    19  block out from any to 127.0.0.0/8 group 350
    20  block out from any to    fe80::260:97ff:fe44:1671%ep0 prefixlen 64 scopeid 0x6 /32 group 350
    21  pass in on ep0 all head 300
    22  block in from 127.0.0.0/8 to any group 300
    23  block in from    fe80::260:97ff:fe44:1671%ep0 prefixlen 64 scopeid 0x6 /32 to any group 300
    24  block in from    fe80::7c8e:d4e8:7a0:6662%faith0 prefixlen 64 scopeid 0x2 / to any group 300

$B$3$l$G(B IPv6 $B$K%(%i!<$,$J$/$J$C$F(B IPv4 $B$N%(%i!<$@$1$K$J$k$J$i$^$@$o$+(B
$B$k$N$G$9$,!"N>J}%(%i!<$K$J$C$F$$$k$h$&$G$9!#(B

--
Yuji Tanaka

