Current-Users archive


Re: Any way to "bridge" only IPv6 packets?



On Aug 8,  7:49pm, Dave Huang wrote:
} Subject: Any way to "bridge" only IPv6 packets?
} 
} is there any way to have the NetBSD box do its current
} NAT/IPsec/firewall/etc... for IPv4 traffic, but transparently pass IPv6
} packets between its two interfaces? E.g., router solicitation packets
} from the LAN devices would be sent unmodified to the AT&T router, router
} advertisements from the router would be sent unmodified to the LAN,
} etc... I don't think bridge(4) is what I want, since if I bridge the two
} interfaces on the NetBSD box, I won't be able to have it NAT IPv4,
} right?
} 
        Hello Dave.  Can't you use the BRIDGE_IPF option to enable filtering on
the bridge(4) that bridges the inside and outside interface of your NetBSD
box and then write a filter that allows IPv6 and blocks IPv4 packets?
Then, you can write your normal firewall rules for IPv4 against the inside
and outside interfaces as you normally would by putting IPv4 addresses on
each.  Another way to possibly do this is if you have 3 interfaces on your
NetBSD box.  The outside interface would bridge to one of the inside
interfaces and only allow IPv6 traffic.  The second inside interface would
be your IPv4 interface on your home network.  Assuming your NetBSD box is
not an old Sun box where all NIC cards have the same MAC address, you could
plug both inside interfaces into your inside switch without fear of
creating a packet storm.

-thanks
-Brian

