The "Neighbor Advertisement" messages are used for routing purples by
the Neighbor Discovery Protocol..
The standard SSH port is 22
The standard Telnet port is 23
(ipfw add deny tcp from XXX:XXX:XX to any dst-port 22,23 via YYY)
these rules refer to IPFW not IP6FW. You must use IPFW.
cheers
Raffaele
On 19/giu/08, at 04:04, Edwin Sanjoto wrote:
Thanks Raffaele, It works...
another question that i want to ask is, what is the using of
"Neighbor Advertisement" which is icmptypes 136?
LAst question:
I don't know the rules to block ssh and telnet. I've already done
this:
$cmd6 00503 allow tcp from 2001::6:111 to any 22,23 in via ed0
$cmd6 00504 deny tcp from any to any 22,23 in via ed0
But after i display the ip6fw list, i didn't find the rules for
blocking ssh and telnet.
Regards,
EDWIN Sanyoto
([EMAIL PROTECTED])
----- Original Message ----
From: Raffaele De Lorenzo <[EMAIL PROTECTED]>
To: Edwin Sanjoto <[EMAIL PROTECTED]>
Cc: freebsd-ipfw@freebsd.org
Sent: Tuesday, June 17, 2008 2:37:17 PM
Subject: Re: freebsd-ipfw Digest, Vol 270, Issue 1
Hi,
I see From [RFC4861] the icmpv6 type 136 is still used for "Neighbor
Advertisement" messagges
136 Neighbor Advertisement [RFC4861]
You must modify your ipfw IPv6 rules... see this URL for all
informations:
http://www.iana.org/assignments/icmpv6-parameters
Anyway the "echo request" message type is 128 and the "echo reply"
message type is 129.
Cheers
Raffaele
_______________________________________________
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
