ipv6_enable="NO"
ipv6_network_interfaces="none"
ipv6_activate_all_interfaces="NO"
ip6addrctl_enable="NO" # Set to YES to enable default address selection
ip6addrctl_verbose="NO" # Set to YES to enable verbose configuration messages
ip6addrctl_policy="ipv4_prefer" # A pre-defined address selection policy
# (ipv4_prefer, ipv6_prefer, or AUTO)
dmesg:
Flushed all rules.
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
00300 deny ip from 127.0.0.0/8 to any
00400 deny ip from any to ::1
00500 deny ip from ::1 to any
00600 allow ipv6-icmp from :: to ff02::/16
00700 allow ipv6-icmp from fe80::/10 to fe80::/10
00800 allow ipv6-icmp from fe80::/10 to ff02::/16
00900 allow ipv6-icmp from any to any ip6 icmp6types 1
01000 allow ipv6-icmp from any to any ip6 icmp6types 2,135,136
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
00300 deny ip from 127.0.0.0/8 to any
00350 allow ip from any to any
00399 skipto 600 ip from any to 91.217.110.0/23
00399 skipto 600 ip from any to 213.183.107.64/27
00400 skipto 700 ip from 172.16.14.0/24 to 172.16.0.0/16
00401 skipto 700 ip from 172.16.14.0/24 to 192.168.242.0/24
00550 deny ip from 172.16.14.0/24 to any
Line 10: getsockopt(IP_FW_ADD): Invalid argument
Firewall rules loaded.
# cat /etc/ipfw.conf
add 00100 allow ip from any to any via lo0
add 00200 deny ip from any to 127.0.0.0/8
add 00300 deny ip from 127.0.0.0/8 to any
add 00350 allow ip from any to any
add 00399 skipto 600 ip from any to 91.217.110.0/23
add 00399 skipto 600 ip from any to 213.183.107.64/27
add 00400 skipto 700 ip from 172.16.14.0/24 to 172.16.0.0/16
add 00401 skipto 700 ip from 172.16.14.0/24 to 192.168.242.0/24
add 00550 deny ip from 172.16.14.0/24 to any
add 00600 divert natd ip from any to any via 82.117.168.86
add 00699 allow ip from any to any