On Dec 9, 2010, at 9:39 PM, George Bonser wrote:
Speaking of IPV6 security, is there any movement towards any open source IPV6 firewall solutions for the consumer / small business?
Almost all the info I've managed to find to date indicates no support, nor any planned support in upcoming releases.
Any info would be helpful. monowall and openwrt (both for embedded routers support v6 without drama. I believe Shorewall does too, now.
FreeBSD w/ PF seems to work great as well. :-) I'll second that; for 8-12 mbit with no vlans it even runs fine on a Soekris 4801 (I have 2 4801's and a 5500 (which has a fairly complicated internal vlan-based network and a 20meg external connection) doing normal nat + HE tunnel to native v6 internally. Since my boss got win7 going there is plenty of exercise for the v6 path. I suspect the OP wants a consumer-level gui though, which plain fbsd doesn't do, and
On 12/10/2010 12:52 AM, Wil Schultz wrote: there are some tricky parts to v6 pf configuration to handle ra and ndp (which I hope will get documented someday - 2 extra pass rules that you wouldn't expect to need). One of these days we will get native v6 coming in (hint, comcast :-) -- Pete
-wil