IPFilter is very close to finish IPv6 support in Solaris10. I am intending to putback the IPv6 code to onnv(The developed Solaris11) in a couple weeks. After 4 weeks' soak time, Solaris10 update will see the IPv6 packet filtering works. :)
In addition to functionalities available in IPv4, IPFilter can distinguish the traffice by matching extension header not existant in IPv4. NAT, the main usage in IPv4, is not available any more.
NAT is mainly one solution of IP address shortage, there is no such requirement in IPv6. So simply we skip the feature.
IP pool is modified to IPv6 enabled from the userland command through the kernel module. Pools of IPv4/IPv6/IPv4&6 address are allowed, which lead to easy management.
I am wondering if it make much sense to make IPFilter SNMP managable and then easily centralized management. Also I am interested in the idea of GUI interface for the IPFilter. Pls make comments. :)
