Eric W. Bates
Tue, 31 Jan 2012 21:54:39 -0800
I assumed a gif was made up of ipencap (IP proto 4) packets and added rules: $fwcmd add 00140 allow ipencap from $he_tun to me $fwcmd add 00141 allow ipencap from me to $he_tun($he_tun is an Hurricane Electric provider); but neither of them are hit; so that's wrong...
tcpdump -i em_vlan5 -nnvvs0 ip proto 4 doesn't show any packets either... I also have the rule to allow icmp6 thru the gif: $fwcmd add 30132 allow icmp6 from me to any out via gif0 keep-statebut that doesn't get hit either. Bottom line: I cannot ping the far end of my ipv6 tunnel. I receive the error "permission denied"
** root@olivia ** ~ ** Tue Jan 31 23:31:43 # ping6 2001:****:****:****::1 PING6(56=40+8+8 bytes) 2001:****:****:****::2 --> 2001:****:****:****::1 ping6: sendmsg: Permission denied ping6: wrote 2001:****:****:****::1 16 chars, ret=-1 ping6: sendmsg: Permission denied Am I even correct in assuming that my gif packets are being blocked? Thanks. _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"