I've working /etc/pf.conf for IPv4. Recently, our ISP gave us free native /64 block. I've assigned IPv6 IPs by updating /etc/rc.conf file. But deploying IPv6 firewall giving out problem. It is not working. There is not good tutorial and pf man pages or OpenBSD pf guide also lacks details. Can anyone share working pf.conf script? Here is my current script...
Only IPv4 part is working and IPv6 is not working at all and I'm now lost...
Code:
pass in on $int_if inet6 from $adminrange6 to any
pass in on $ext_if inet6 proto udp from any to $dns_servers6 port 53
pass in on $ext_if inet6 proto tcp from any to $dns_servers6 port 53 flags S/SA synproxy state
pass in on $ext_if inet6 proto tcp from any to $http_servers6 port 80 flags S/SA synproxy state
pass in on $ext_if inet6 proto tcp from any to $mail_servers6 port $mail_ports flags S/SA synproxy state
pass in proto icmp6 all
pass out proto icmp6 all
pass out on $ext_if inet6 proto tcp from any to any port 21
pass out on $ext_if inet6 proto tcp from any to any port >1023
Only IPv4 part is working and IPv6 is not working at all and I'm now lost...