ipfw forward to ipv6 addresses
umage
theultramage at gmail.com
Tue May 3 12:29:17 UTC 2011
Hi, on freebsd 8.2 ipfw assumes when parsing the commandline that the
target is an ipv4 address. Therefore,
$ipfw add 1000 forward $target ip6 from $source to any out keep-state
(to achieve source-based routing on a multihomed machine) will mess up
and parse it as 0.0.7.210,3 or whatever.
I found 5 year old bugreports on this:
http://www.freebsd.org/cgi/query-pr.cgi?pr=104921
http://www.freebsd.org/cgi/query-pr.cgi?pr=117214
I also found this discussion from year 2003:
https://www.sixxs.net/forum/?msg=setup-52946
where one of the users actually wrote a patch - for freebsd 4.8 - which
is still there, however the code has completely changed so only someone
who knows how ipfw is coded can do this.
I also checked the sources of ipfw2.c, and found
case TOK_FORWARD: {
ipfw_insn_sa *p = (ipfw_insn_sa *)action;
char *s, *end;
NEED1("missing forward address[:port]");
action->opcode = O_FORWARD_IP;
action->len = F_INSN_SIZE(ipfw_insn_sa);
/*
* In the kernel we assume AF_INET and use only
* sin_port and sin_addr. Remember to set sin_len as
* the routing code seems to use it too.
*/
p->sa.sin_family = AF_INET;
p->sa.sin_len = sizeof(struct sockaddr_in);
p->sa.sin_port = 0;
Which indicates that no attempt at ipv6 support was made when this was
coded.
Can this be solved somehow? Thanks.
More information about the freebsd-ipfw
mailing list