On Fri, 5 Oct 2007, Julian Elischer wrote: Hi, > Kevin Oberman wrote: >>> Date: Fri, 05 Oct 2007 11:02:22 -0700 >>> From: Julian Elischer <julian_at_elischer.org> >>> >>> Kevin Oberman wrote: >>>> At this time the use of tables in ipfw is limited to IPv4. Is anyone >>>> looking at adding IPv6 address capability? >>> >>> I am but it's not 'soon' on my list. >> >> I am on travel for a couple of weeks, so I may try and get a start on >> this while at airports or on planes. >> >> Tables are very useful for allowing an IDS set up blocks on the >> fly. Right now I am limited to a new rule for every block and that is >> not very portable (since I don't want to step on existing rules) and >> very messy since, except for the address, all of the rules are >> identical. > > yeah, exactly.. "me too". > >> I'm using tables right now for V4, but I really need to have v6 support >> soon. I'm just not real sure what 'soon' is. I hope it's different from >> yours. The question is: do we want to duplicate the table framework for IPv6 or have mixed tables with both v4 and v6 addresses? While I am thinking about performance for lookups etc. I am more worried about the userspace API which might change. That might be troublesome for the 7-tree. -- Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT Software is harder than hardware so better get it right the first time.Received on Fri Oct 05 2007 - 17:38:14 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:18 UTC