On Sun, Jan 23, 2005 at 05:58:17PM +0100, Daniel Hartmeier wrote: > On Sun, Jan 23, 2005 at 12:44:32PM +0100, nik wrote: > > > I've got a sstupid problem, I've configured my OpenBSD machine > > either on the ipv6 side, but she wont work and she get me ipv6 > > arp errors .. > > > > tunnel broker is 1.26.128.35 > > pf sees each IPv6 packet twice, once encapsulated (IPv6-in-IPv4) on the > real interface xl0, once as native IPv6 on gif0. If you block it on > either interface, it will be dropped. > > Hence, you'll need to allow the encapsulated traffic on the real > interface, like: > > pass out on xl0 inet proto ipv6 from 41.19.150.66 to 1.26.128.35 \ > keep state > pass in on xl0 inet proto ipv6 from 1.26.128.35 to 41.19.150.66 \ > keep state > > And move all your 'inet6' rules to 'on gif0'. > > Daniel
Hi Daniel, Thanks for your suggestions, I've added the rules and modified the existences whit gif0 but it seems not work. I don't know something else to do ... The error is the same ... Thank you in advice. -- nik <[EMAIL PROTECTED]> Powered by OpenBSD -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GP d-- s+: a? C+++ UB- P L E- W++ N* o-- K- w-- O M- V+ PS+++ PE+++ Y+ PGP+ t 5 X+ R+ tv-- b++ DI+ D++ G e++++ h++ r% y+ ------END GEEK CODE BLOCK------
