[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: the real diff for rtsol with pf=YES



ugh, I need to test if pf is set around these rules .. diff coming that
will fix that.
-- 
Todd Fries .. [email protected]
(last updated $ToddFries: signature.p,v 1.2 2002/03/19 15:10:18 todd Exp $)
Penned by Todd T. Fries on Mon, Dec 02, 2002 at 10:27:35AM -0600, we have:
| Here's the official diff, after discussing with henning...
| -- 
| Todd Fries .. [email protected]
| 
| (last updated $ToddFries: signature.p,v 1.2 2002/03/19 15:10:18 todd Exp $)
| 
| Index: ./etc/netstart
| ===================================================================
| Original: ./etc/netstart
| diff -u <original> ./etc/netstart
| --- ./etc/netstart
| +++ ./etc/netstart	Mon Dec  2 10:27:00 2002
| @@ -30,6 +30,12 @@
|  		return
|  	fi
|  
| +
| +	RULES="$RULES\npass out on $if inet6 proto ipv6-icmp from { :: fe80::/16 } to ff02::/16 ipv6-icmp-type grouprep code 0"
| +	RULES="$RULES\npass out on $if inet6 proto ipv6-icmp from ($if) to any ipv6-icmp-type neighbrsol code 0"
| +	RULES="$RULES\npass in  on $if inet6 proto ipv6-icmp from any to ($if) ipv6-icmp-type neighbradv code 0"
| +	echo $RULES | pfctl -f -
| +
|  	# Now parse the hostname.* file
|  	while :; do
|  		if [ "$cmd2" ]; then
| @@ -260,6 +266,11 @@
|  	fw=`sysctl -n net.inet6.ip6.forwarding`
|  	ra=`sysctl -n net.inet6.ip6.accept_rtadv`
|  	if [ "x$fw" = "x0" -a "x$ra" = "x1" ]; then
| +
| +		RULES="$RULES\npass out on { $rtsolif } inet6 proto ipv6-icmp from fe80::/16 to ff02::2 ipv6-icmp-type routersol code 0"
| +		RULES="$RULES\npass in  on { $rtsolif } inet6 proto ipv6-icmp from fe80::/16 to ff02::1 ipv6-icmp-type routeradv code 0"
| +		RULES="$RULES\npass in  on { $rtsolif } inet6 proto ipv6-icmp from fe80::/16 to fe80::/16 ipv6-icmp-type routeradv code 0"
| +		echo $RULES | pfctl -f -
|  		echo "IPv6 autoconf:$rtsolif"
|  		rtsol $rtsolif
|  	else