DHCPv6 Comcast Error

whfsdude · Jun 5, 2012, 12:19 AM

So Comcast has turned up DHCPv6 for me and it's be working with a bit of hackery.

I have to bring up the track interface after the firewall rules have loaded as it produces the following rule which errors.

" There were error(s) loading the rules: /tmp/rules.debug:209: macro 'Comcast' not defined/tmp/rules.debug:209: syntax error pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [209]: pass in quick on $Comcast inet6 from any to 26013a80:7:0:0:0:0/64 keep state label "Allow IPv6 in on Comcast to 26013a80:7:0:0:0:0/64" …"

Version:
2.1-BETA0 (amd64)
built on Mon Jun 4 05:56:38 EDT 2012
FreeBSD 8.3-RELEASE-p2

I'm happy to provide access to my installation or will retrieve anything relavent.

whfsdude · Jun 5, 2012, 12:21 AM

I should mention I'm using PD and have the track interface on my LAN int.

databeestje · Jun 5, 2012, 12:47 PM

Can you show the top 10 lines or so of your /tmp/rules.debug.

They hold the macros and should have the Comcast macro.

A before and after would be ideal.

whfsdude · Jun 5, 2012, 5:47 PM

Complete rules before:
http://bin6.it/p/MzBkMj

Complete rules after:
http://bin6.it/p/OGU5Yz

Rules it adds that appear to throw error:

Automatic Pass rules for any delegated IPv6 prefixes through dynamic IPv6 clients

pass in quick on $LAN inet6 from 26013a80:7:0:0:0:0/64 to any keep state label "Allow IPv6 on LAN to any"
pass in quick on $Comcast inet6 from any to 26013a80:7:0:0:0:0/64 keep state label "Allow IPv6 in on Comcast to 26013a80:7:0:0:0:0/64"

databeestje · Jun 5, 2012, 9:03 PM

should be fixed, gitsync please.

whfsdude · Jun 6, 2012, 9:22 PM

@databeestje:

should be fixed, gitsync please.

Sorry for the delay in this. It's fixed and working great. Thanks! ;D