On 12/10/2010 12:52 AM, Wil Schultz wrote: > On Dec 9, 2010, at 9:39 PM, George Bonser wrote: > >> >>>> Speaking of IPV6 security, is there any movement towards any open >>> source >>>> IPV6 firewall solutions for the consumer / small business? >>>> >>>> Almost all the info I've managed to find to date indicates no >>> support, nor >>>> any planned support in upcoming releases. >>>> >>>> Any info would be helpful. >>> monowall and openwrt (both for embedded routers support v6 without >>> drama. >> I believe Shorewall does too, now. >> >> >> > FreeBSD w/ PF seems to work great as well. :-) I'll second that; for 8-12 mbit with no vlans it even runs fine on a Soekris 4801 (I have 2 4801's and a 5500 (which has a fairly complicated internal vlan-based network and a 20meg external connection) doing normal nat + HE tunnel to native v6 internally. Since my boss got win7 going there is plenty of exercise for the v6 path. I suspect the OP wants a consumer-level gui though, which plain fbsd doesn't do, and there are some tricky parts to v6 pf configuration to handle ra and ndp (which I hope will get documented someday - 2 extra pass rules that you wouldn't expect to need). One of these days we will get native v6 coming in (hint, comcast :-)
-- Pete > -wil
