Subject: bin/26885: /etc/rc.d/ipfilter reload does not flush IPv6 rules
To: None <gnats-bugs@gnats.NetBSD.org>
From: None <"pavel@cahyna"@st.mff.cuni.cz>
List: netbsd-bugs
Date: 09/08/2004 12:36:39
>Number: 26885
>Category: bin
>Synopsis: /etc/rc.d/ipfilter reload does not flush IPv6 rules
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Sep 08 12:37:00 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator: Pavel Cahyna
>Release: 2.0_BETA
>Organization:
>Environment:
NetBSD pc 2.0_BETA NetBSD 2.0_BETA (GENERIC_DIAGNOSTIC s patchem D. Reeda - PR#26839) #2: Mon Sep 6 20:38:28 CEST 2004 pavel@pc:/mnt/obj/kompilace/jadra/compile/GENERIC_DIAGNOSTIC i386
>Description:
/etc/rc.d/ipfilter has the following:
ipfilter_reload()
{
	echo "Reloading ipfilter rules."
	/sbin/ipf -I -Fa
	...
But ipf -I -Fa flushes only IPv4 rules, not IPv6.
>How-To-Repeat:
See PR kern/26857.
>Fix:
Add the line
	/sbin/ipf -6 -I -Fa
to the ipfilter_reload() function.
>Release-Note:
>Audit-Trail:
>Unformatted:
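
Added example, not part of the original report or of the NetBSD tree: a small audit that flags an ipf flush command in an rc script when the same shell function has no "-6" counterpart, which is the defect described above. The helper names and the two sample scripts are constructed for illustration; it assumes -6 is written as a separate flag and that flushes use -F with a, i or o.

```sh
#!/bin/sh
# check_ipf_flush FILE: print each IPv4-only ipf flush, return 1 if any found.
check_ipf_flush() {
    awk '
    /^[ \t]*#/ { next }                                  # skip comments
    /^[A-Za-z_][A-Za-z0-9_]*\(\)/ {                      # remember current function
        fn = $0; sub(/\(\).*/, "", fn); next
    }
    $0 ~ "(^|[ \t/])ipf[ \t]" && /[ \t]-F[ \t]*[aio]/ {
        line = $0; sub(/^[ \t]+/, "", line)
        is6 = (line ~ /[ \t]-6([ \t]|$)/)
        key = line
        sub(/[ \t]+-6/, "", key)                         # v4 and v6 twins share a key
        gsub(/[ \t]+/, " ", key)
        key = fn ":" key
        if (is6) v6[key] = 1
        else { v4[key] = NR; text[key] = fn "(): " line }
    }
    END {
        for (k in v4) if (!(k in v6)) {
            printf "line %d: %s has no -6 counterpart\n", v4[k], text[k]
            bad = 1
        }
        exit bad + 0
    }' "$1"
}

# Constructed sample scripts modelled on the excerpt in this report.
write_samples() {
    printf '%s\n' 'ipfilter_reload()' '{' \
        '    echo "Reloading ipfilter rules."' \
        '    /sbin/ipf -I -Fa' '}' > "$1/before.sh"
    printf '%s\n' 'ipfilter_reload()' '{' \
        '    echo "Reloading ipfilter rules."' \
        '    /sbin/ipf -I -Fa' \
        '    /sbin/ipf -6 -I -Fa' '}' > "$1/after.sh"
}

tmp=$(mktemp -d)
write_samples "$tmp"
check_ipf_flush "$tmp/before.sh" || echo "before.sh: IPv6 rules survive a reload"
check_ipf_flush "$tmp/after.sh" && echo "after.sh: both families flushed"
rm -rf "$tmp"
```

Flags combined into one word (for example -6I) are not recognised by this check and would be reported as missing.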