the real diff for rtsol with pf=YES



Here's the official diff, after discussing with henning...
-- 
Todd Fries .. [email protected]
(last updated $ToddFries: signature.p,v 1.2 2002/03/19 15:10:18 todd Exp $)
Index: ./etc/netstart
===================================================================
Original: ./etc/netstart
diff -u <original> ./etc/netstart
--- ./etc/netstart
+++ ./etc/netstart	Mon Dec  2 10:27:00 2002
@@ -30,6 +30,12 @@
 		return
 	fi
 
+
+	RULES="$RULES\npass out on $if inet6 proto ipv6-icmp from { :: fe80::/16 } to ff02::/16 ipv6-icmp-type grouprep code 0"
+	RULES="$RULES\npass out on $if inet6 proto ipv6-icmp from ($if) to any ipv6-icmp-type neighbrsol code 0"
+	RULES="$RULES\npass in  on $if inet6 proto ipv6-icmp from any to ($if) ipv6-icmp-type neighbradv code 0"
+	echo $RULES | pfctl -f -
+
 	# Now parse the hostname.* file
 	while :; do
 		if [ "$cmd2" ]; then
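Review bot: the added `echo $RULES | pfctl -f -` runs with no check, visible in this hunk, that pf is enabled, although the subject says the change is meant for pf=YES. Please wrap the four added lines in that test. The pipeline also depends on `echo` expanding the literal `\n` separators and on an unquoted `$RULES`. Since every rule is prefixed with `$RULES\n`, the first line fed to pfctl is empty when `RULES` starts out unset. Quoting the variable and starting from an explicit `RULES=` would make the input predictable. A one-line comment saying why grouprep, neighbrsol and neighbradv have to pass this early would help the next reader, and one of the two blank lines now preceding the `# Now parse the hostname.* file` comment can go.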
@@ -260,6 +266,11 @@
 	fw=`sysctl -n net.inet6.ip6.forwarding`
 	ra=`sysctl -n net.inet6.ip6.accept_rtadv`
 	if [ "x$fw" = "x0" -a "x$ra" = "x1" ]; then
+
+		RULES="$RULES\npass out on { $rtsolif } inet6 proto ipv6-icmp from fe80::/16 to ff02::2 ipv6-icmp-type routersol code 0"
+		RULES="$RULES\npass in  on { $rtsolif } inet6 proto ipv6-icmp from fe80::/16 to ff02::1 ipv6-icmp-type routeradv code 0"
+		RULES="$RULES\npass in  on { $rtsolif } inet6 proto ipv6-icmp from fe80::/16 to fe80::/16 ipv6-icmp-type routeradv code 0"
+		echo $RULES | pfctl -f -
 		echo "IPv6 autoconf:$rtsolif"
 		rtsol $rtsolif
 	else
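Review bot: `rtsol $rtsolif` runs whether or not the added `echo $RULES | pfctl -f -` just above it succeeded, so a failed ruleset load leaves router solicitation running with no pass rules and no message saying why. Check pfctl's exit status, or at least print a warning, before calling rtsol. This block also appends to whatever `$RULES` already holds from the earlier hunk and reloads the whole accumulated set, so what gets loaded depends on how many times the earlier code ran. Either document that dependency or build these three rules in their own variable. The stray blank line added directly after `then` can be dropped.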