On Tue, 10 Oct 2017 16:11:23 +0000 Mark Raynsford <[email protected]> wrote
> Hello. > > What is the syntax for specifying a range of IPv6 addresses in rules? > > I want to write rules of the form: > > pass out log quick on $nic_ppp inet6 proto tcp from > 2001:db8:8:10::/64 to any port 80 modulate state > > But pf appears to treat 2001:db8:8:10::/64 as a single address (I > intended it to mean an entire subnet). While I am filtering with pf(4), I have to admit I haven't used it to filter IPv6 for awhile. A search for an answer to your question seemed to indicate the following two links may be of help/interest: https://www.freebsd.org/doc/handbook/firewalls-pf.html https://bash.cyberciti.biz/firewall/pf-ipv6-ipv4-firewall-for-freebsd-openbsd-netbsd/ HTH --Chris > > -- > Mark Raynsford | http://www.io7m.com _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[email protected]"
