rfxn / advanced-policy-firewall

Advanced Policy Firewall (APF)
GNU General Public License v2.0

ipv6 working? #41

Open mdlaat opened 3 years ago

mdlaat commented 3 years ago

Hi, please excuse me if this is not the proper place to ask. This is the only "forum" I could find regarding apf. First of all, thank you for apf!

I wonder if ipv6 is working in my case. I am using v1.7.6-2. ifconfig reports an ipv4 and an ipv6 address on my public interface. I have ipv6 enabled in conf.apf: USE_IPV6="1"

If I issue an apf -r, no message is being displayed that refers to ipv6. Afterwards, iptables -S shows all things I have configured. ip6tables -S shows only:

-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

Furthermore, in allow_hosts.rules I have a rule that allows me to ssh to my box from my home address: tcp:in:d=22:s=1.2.3.4 But if I also put my ipv6 home address there: tcp:in:d=22:s=a:b:c:d:e:f:g:h

and restart apf, I see a message:

apf(1441925): {trust} allow inbound tcp 2a00 to port 22
iptables v1.8.4 (nf_tables): host/network `2a00' not found
Try `iptables -h' or 'iptables --help' for more information.

So this makes me wonder if I am doing something wrong here? Thank you

jasonwee commented 2 years ago

This is not supported, but my fork's master branch does. Please take a look, hopefully it works. Fingers crossed ;-)
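
The `2a00` in the error above is what a plain colon split of the trust rule leaves of an IPv6 source. The following is an added example, not code from APF or from the fork: it reproduces that truncation and shows an IPv6-aware split that also selects `ip6tables`. The function names, the `2001:db8::10` address, and the printed `INPUT` rule are assumptions made for illustration; only the `proto:flow:d=port:s=addr` format comes from the post.

```shell
#!/bin/sh
# Added example, not APF source. Handles only inbound rules of the form
# proto:in:d=PORT:s=ADDR, as shown in the post.

# naive_src RULE -> source address as a plain ':' field split sees it.
# Field 4 of an IPv6 rule is just "s=<first hextet>".
naive_src() (
    IFS=:
    set -- $1
    printf '%s\n' "${4#s=}"
)

# parse_rule RULE -> "proto flow dport src family"
# Peels off the three leading fields and keeps the remainder, colons and
# all, as the address; any ':' left in the address marks it as IPv6.
parse_rule() (
    rule=$1
    proto=${rule%%:*}; rest=${rule#*:}
    flow=${rest%%:*};  rest=${rest#*:}
    dport=${rest%%:*}; src=${rest#*:}
    dport=${dport#d=}; src=${src#s=}
    case $src in
        *:*) family=6 ;;
        *)   family=4 ;;
    esac
    printf '%s %s %s %s %s\n' "$proto" "$flow" "$dport" "$src" "$family"
)

# rule_cmd RULE -> command line a loader would need (printed, never run).
# The chain and rule layout are illustrative, not what APF generates.
rule_cmd() (
    set -- $(parse_rule "$1")
    bin=iptables
    if [ "$5" = 6 ]; then bin=ip6tables; fi
    printf '%s -A INPUT -p %s -s %s --dport %s -j ACCEPT\n' \
        "$bin" "$1" "$4" "$3"
)

# Constructed sample rules (documentation address ranges).
for r in 'tcp:in:d=22:s=1.2.3.4' 'tcp:in:d=22:s=2001:db8::10'; do
    printf 'rule:  %s\nnaive: %s\ncmd:   %s\n\n' \
        "$r" "$(naive_src "$r")" "$(rule_cmd "$r")"
done
```

Separately, the `ip6tables -S` output in the post shows `ACCEPT` policies with only loopback rules, so nothing restricts IPv6 traffic on that host until equivalent `ip6tables` rules are loaded.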