Penned by Stephan A. Rickauer on 20081219 16:44.47, we have: | On Fri, 2008-12-19 at 08:13 -0600, [email protected] wrote: | > | > Wrong. Try this instead: | > | > | > | > rdr pass inet6 proto tcp from lan:network -> lan port 8081 | > | | > | > You cannot redirect to `::', a wildcard address. You must redirect to | > | > a specific address. | > | | > | Oh, yes. This is wrong indeed. I wonder why pfctl hasn't bailed out. | > | However, using "-> ::1" should then do the trick as well, right? | > | > Sorry I was not clear. With IPv6, unlike IPv4, it is not possible to | > redirect to `localhost'. You must redirect to a global scope address. | | You Made My Week. | | It's working. Awesome. Thanks a lot! | This is a good example where ipv4 concepts can't be applied to the ipv6 | world in a straight forward way. I would not have thought that it's no | longer possible to redirect to localhost, ever. Well, time to put | localhost off the network then ;)
To be clear, this is due to the way pf rdr and IPv6 interaction works. Not sure if 'ever' is the right outlook here. [..] | > I'm still convinced the pf.conf is the problem, redirect to a global scope | > IPv6 address and I suspect you'll be much better off. | | Yes, that fixed it. Thanks again. Welcome. -- Todd Fries .. [email protected] _____________________________________________ | \ 1.636.410.0632 (voice) | Free Daemon Consulting, LLC \ 1.405.227.9094 (voice) | http://FreeDaemonConsulting.com \ 1.866.792.3418 (FAX) | "..in support of free software solutions." \ 250797 (FWD) | \ \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ 37E7 D3EB 74D0 8D66 A68D B866 0326 204E 3F42 004A http://todd.fries.net/pgp.txt
