So... I'm having some quirks with IPv6 Firewall on 5.0rc5.
I have a /48 set up on my router at a datacenter.
I have /64s set on different VLANs/interfaces to sit aside the /24 private or public addresses that currently reside there.
All the IPv6 devices can get native IPv6 access to the net.
Now… I have a 6to4 tunnel set up to my office dropping off a /64 for that network. I have a domain controller at each location. I exported my IPv4 firewall rules and address lists and modified them to match the IPv6 addressing/requirements. The rule setup has jumps based on source/destination to keep everything organized/easy to manage.
Now… The rules seem to match sometimes and not match others. I'll see drops with a source IPv6 IP/port and dest IP/port that is CLEARLY permitted in one of the first jump chains, but it doesn't ALWAYS seem to match. Now, if I put a simple rule at the top allowing all IPv6 traffic in interface1 and out interface2 and a 2nd out interface1 and in interface2, everything works flawlessly. It seems to be either cases where a jump is involved or an address list with several hosts is involved.
I'll post a copycat config later, don't have time to change all the damn IPs around and keep it readable right now.
Just thought I'd see if anyone else had this issue…