On Tue, Feb 01, 2011 at 10:51:00PM -0800, Brian Keefer wrote:
| 4.9 GENERIC#626 i386
|
| I write a rule that says this:
| pass in on $ext_if inet6 proto ipv6-icmp from any to 2620:0100:900f:c9::/56
|
| and pfctl shows this:
| pass in on em2 inet6 proto ipv6-icmp from any to 2620:100:900f::/56 keep
| state
|
| Maybe I'm crazy, but it seems 2620:100:900f:: would be /48 (assuming
| everything to the right is dynamic, no assumed zeros), and my original rule
| seems to have 56 bits to the left, unless I'm bad at counting, which is
| entirely possible.
|
| Is this a bug?
No, you're bad at counting. "c9" is an 8 bit value, represented as a
16-bit value you'd get "00c9". So the IPv6 network you're really using
is 2620:0100:900f:00c9:0000:0000:0000:0000/56 .. which is the same as
2620:0100:900f:00__:____:____:____:____/56 (with random hexadecimal
numbers in the place of all those _'s).
Either you meant 2620:0100:900f:c900::/56 or you really want to use
2620:0100:900f:c9::/64.
Paul 'WEiRD' de Weerd
--
>++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
http://www.weirdnet.nl/
