Last Updated: 2007-03-14 08:58:09 UTC
by Swa Frantzen (Version: 2)
Source code patches are available at:
# vi /etc/pf.conf
Add a line:# pfctl -f /etc/pf.conf
block drop in inet6 all
To load the new rules in the pf packet filter# pfctl -s rules
Check the rule got loaded in the runtime rules.The workaround does disable all incoming IPv6 packets on the machine.
The patch itself is a kernel patch, so you will need to recompile a kernel, install it and reboot the affected machines.
Update (Arrigo): the 3.9 patch applies cleanly to the 3.8, 3.7 and even 3.0 trees. No excuse not to patch older systems!
Swa Frantzen -- NET2S