>Firewall system running NetBSD 1.4 with fairly recent IPv6 patches:
>It's running IPNat for all of the local machines (Windows stuff, mostly)
>and is also connected to the 6BONE using a connection at Sprint.  I'm going
>to need to figure out how to block traffic on this machine for IPv6 (a v6
>firewall) to complete the security sweep.

	Thanks, it is very happy to hear about actual usage.

	Actually KAME kit for FreeBSD 2.2.8 got IPv6 packet filter.
	The problems for KAME team are:
	- NetBSD's IPv4 filtering code compress states very well (= code
	  is complex) and is not straightforward to update it to handle IPv6
	- every *BSD has different implementation of IPv4 packet filter,
	  so we need to fix IPv4 filter code to handle IPv6 several times...
	  (maintenance is a horror story!)
	Could someone volunteer to work on upgrading NetBSD's IPv4
	packet filter to handle IPv6?
	Or, you may want to grab ip6fw (IPv6 packet filtering code based on
	FreeBSD 2.2.8's ipfw) from KAME/FreeBSD228, and put it into your
	kernel.

itojun