Re: IPv6 support for tables in ipfw?

From: Kevin Oberman <oberman_at_es.net>
Date: Fri, 05 Oct 2007 12:38:10 -0700
> Date: Fri, 5 Oct 2007 19:15:07 +0000 (UTC)
> From: "Bjoern A. Zeeb" <bzeeb-lists_at_lists.zabbadoz.net>
> 
> On Fri, 5 Oct 2007, Julian Elischer wrote:
> 
> Hi,
> 
> > Kevin Oberman wrote:
> >>> Date: Fri, 05 Oct 2007 11:02:22 -0700
> >>> From: Julian Elischer <julian_at_elischer.org>
> >>> 
> >>> Kevin Oberman wrote:
> >>>> At this time the use of tables in ipfw is limited to IPv4. Is anyone
> >>>> looking at adding IPv6 address capability?
> >>> 
> >>> I am but it's not 'soon' on my list.
> >> 
> >> I am on travel for a couple of weeks, so I may try and get a start on
> >> this while at airports or on planes.
> >> 
> >> Tables are very useful for allowing an IDS to set up blocks on the
> >> fly. Right now I am limited to a new rule for every block and that is
> >> not very portable (since I don't want to step on existing rules) and
> >> very messy since, except for the address, all of the rules are
> >> identical.
> >
> > yeah, exactly.. "me too".
> >
> >> I'm using tables right now for V4, but I really need to have v6 support
> >> soon. I'm just not real sure what 'soon' is. I hope it's different from
> >> yours.
> 
> 
> The question is:
> 
> do we want to duplicate the table framework for IPv6 or have mixed
> tables with both v4 and v6 addresses?
> 
> While I am thinking about performance for lookups etc. I am more
> worried about the userspace API which might change. That might be
> troublesome for the 7-tree.

While I would hope to eventually have mixed tables with both v4 and v6
addresses, starting out (v7 era) with table and table6 would be
great. It lets me get the job done. Almost all ipfw support for v6
started as separate and is slowly merging into a common facility. (If
you think it is fully merged today in current, you don't run v6 in
production and use ipfw with it.)
-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman_at_es.net			Phone: +1 510 486-8634
Key fingerprint: 059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751

Received on Fri Oct 05 2007 - 17:38:13 UTC
