IPv6 Filtering :ipfilter 4.1.8 and pfil 2.1.7 sparc solaris 9
This is a discussion on IPv6 Filtering :ipfilter 4.1.8 and pfil 2.1.7 sparc solaris 9 within the IPFilter forums, part of the System Security and Security Related category; --0-342365393-1139331327=:36878 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Hello All Thanks to ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-07-2006
|
|||
|
|||
IPv6 Filtering :ipfilter 4.1.8 and pfil 2.1.7 sparc solaris 9
--0-342365393-1139331327=:36878
Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Hello All Thanks to Mr Darren for the reply . Stiil i am not able to filter ipv6 packets I am using ipfilter 4.1.8 and pfil 2.1.7 on solaris 9 sparc 64 bit system. ipv4 filtering doing well. But problem with IPv6 filtering .. I had already asked the same question in the group and Mr Dareen replied that Configuration is wrong . I could able to find ,what i am doing wrong .. Here i am listing my system information and the procedure followed to configure IPFilter oot@sf44buce01> ifconfig -a6 lo0: flags=2000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv6> mtu 8252 index 4 inet6 ::1/128 ce3: flags=2000841<UP,RUNNING,MULTICAST,IPv6> mtu 1500 index 5 ether 0:3:ba:da:81:81 inet6 fe80::203:baff:feda:8181/10 groupname sc_ipmp0 ce3:1: flags=2000841<UP,RUNNING,MULTICAST,IPv6> mtu 1500 index 5 inet6 2006:22:188:252:0:66:1:3/10 ce3:2: flags=2080841<UP,RUNNING,MULTICAST,ADDRCONF,IPv6> mtu 1500 index 5 inet6 2002:db9:3c4d:15:203:baff:feda:8181/64 I confgured ipf6.conf with simple rule root@sf44buce01> cat /etc/opt/ipf/ipf6.conf log in all #/etc/init.d/ipfboot start I tried to monitor the packets using "ipmon" .But no output root@sf44buce01> ipfstat -6hio empty list for ipfilter(out) 0 log in all Note : ipmon working fine for ipv4 oot@sf44buce01> ipfstat -hio empty list for ipfilter(out) 1644 log in all #netstat -r Routing Table: IPv6 Destination/Mask Gateway Flags Ref Use If --------------------------- --------------------------- ----- --- ------ ----- 2002:db9:3c4d:15::/64 2002:db9:3c4d:15:203:baff:feda:8181 U 1 2 ce3:2 fe80::/10 fe80::203:baff:feda:8181 U 1 18 ce3 2000::/10 sf44buce01 U 1 7 ce3:1 ff00::/8 fe80::203:baff:feda:8181 U 1 0 ce3 default fe80::203:baff:feda:8181 U 1 1 ce3 localhost localhost UH 4 36 lo0 Is the procedure followed by me proper? Best Regards Pradeep Reddy --------------------------------- Yahoo! Mail - Helps protect you from nasty viruses. --0-342365393-1139331327=:36878 Content-Type: text/html; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Hello All <br> <br> Thanks to Mr Darren for the reply .<br> <br> Stiil i am not able to filter ipv6 packets <br> <br> I am using ipfilter 4.1.8 and pfil 2.1.7 on solaris 9 sparc 64 bit system.<br> <br> ipv4 filtering doing well. But problem with IPv6 filtering ..<br> <br> I had already asked the same question in the group and Mr Dareen replied that Configuration is wrong .<br> <br> I could able to find ,what i am doing wrong ..<br> <br> Here i am listing my system information and the procedure followed to configure IPFilter <br> <br> oot@sf44buce01> ifconfig -a6<br> lo0: flags=2000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv 6> mtu 8252 index 4<br> inet6 ::1/128 <br> ce3: flags=2000841<UP,RUNNING,MULTICAST,IPv6> mtu 1500 index 5<br> ether 0:3:ba:da:81:81 <br> inet6 fe80::203:baff:feda:8181/10 <br> groupname sc_ipmp0<br> ce3:1: flags=2000841<UP,RUNNING,MULTICAST,IPv6> mtu 1500 index 5<br> inet6 2006:22:188:252:0:66:1:3/10 <br> ce3:2: flags=2080841<UP,RUNNING,MULTICAST,ADDRCONF,IPv 6> mtu 1500 index 5<br> inet6 2002:db9:3c4d:15:203:baff:feda:8181/64 <br> <br> <font size="3">I confgured ipf6.conf with simple rule </font><br> <br> root@sf44buce01> cat /etc/opt/ipf/ipf6.conf <br> log in all <br> <br> #/etc/init.d/ipfboot start <br> <br> I tried to monitor the packets using "ipmon" .But no output<br> <br> root@sf44buce01> ipfstat -6hio<br> empty list for ipfilter(out)<br> 0 log in all <br> Note : ipmon working fine for ipv4<br> <br> oot@sf44buce01> ipfstat -hio<br> empty list for ipfilter(out)<br> 1644 log in all<br> <br> #netstat -r <br> Routing Table: IPv6<br> Destination/Mask &nbs p; Gateway & nbsp; &nb sp; Flags Ref Use If <br> --------------------------- --------------------------- ----- --- ------ -----<br> 2002:db9:3c4d:15::/64 2002:db9:3c4d:15:203:baff:feda:8181 U 1 2 ce3:2<br> fe80::/10 &n bsp; fe80::203:baff:feda:8181 U 1 18 ce3 <br> 2000::/10 &n bsp; sf44buce01 &nbs p; &nbs! p; U 1 7 ce3:1<br> ff00::/8 & nbsp; &nb sp; fe80::203:baff:feda:8181 U 1 0 ce3 <br> default & nbsp; &nb sp; fe80::203:baff:feda:8181 U 1 1 ce3 <br> localhost   ; & nbsp; localhost   ; & nbsp; UH 4 36 lo0 <br> <br> Is the procedure followed by me proper?<br> <br> Best Regards<br> Pradeep Reddy <br> <p> <hr size=1> <a href="http://us.rd.yahoo.com/mail_us/taglines/virusmail/*http://mail.yahoo.com">Yahoo! Mail</a> - Helps protect you from nasty viruses. --0-342365393-1139331327=:36878-- 
|
Linear Mode
