Re: npf.conf tables | blocks of addresse

To: Darrel <levitch%iglou.com@localhost>
Subject: Re: npf.conf tables | blocks of addresse
From: Mindaugas Rasiukevicius <rmind%netbsd.org@localhost>
Date: Mon, 16 Jul 2012 00:24:33 +0100

Hello,

Please keep me in CC, as I am not subscribed to this list.

Darrel <levitch%iglou.com@localhost> wrote:
> 
> > I want for my hash file table to contain address blocks; e.g.,
> > 127.0.0.0/8
> >
> > <...>
> 
> After running CIDR addresses like 127.0.0.0/8 through the 'whatmask' 
> application and updating my IPv4 table to the netmask format; i.e., 
> 127.0.0.0 0.255.255.255 then npfctl loads my table.
> 
> Which still leaves the problem of how to make a IPv6 table, since npf 
> throws and error from ::1/128 or using prefixlen; e.g.,
> 
> # npfctl reload
> /etc/npf.conf:12:39: cannot parse '::1 prefixlen 128
> ' (hostname nor servname provided, or not known) near '"/etc/tbl2"'

NPF hash-type tables support only hosts, they do not support address
blocks with masks.  You have to use tree-type tables for that.

I have committed various fixes for NPF tables in -current (pullup request
is pending or netbsd-6 as well).  Can you please try again?

-- 
Mindaugas

References:
- npf.conf tables | blocks of addresses
  - From: Darrel
- Re: npf.conf tables | blocks of addresse
  - From: Darrel

Prev by Date: Re: creating a bridge in NetBSD?
Next by Date: Re: family inet and parameter stateful | npf.conf
Previous by Thread: Re: npf.conf tables | blocks of addresse
Next by Thread: family inet and parameter stateful | npf.conf
Indexes:

Home | Main Index | Thread Index | Old Index