![[NetBSD Logo]](http://www.NetBSD.org/images/NetBSD-smaller.png)
- Contact: tech-net
- Mentors: Mindaugas Rasiukevicius
- Duration estimate: 3 months
IMPORTANT: This project was completed by Zoltan Arnold Nagy. You may still contact the people above for details, but please do not submit an application for this project.
NPF is a recently developed firewall for the NetBSD system. One of its missing features is support for IPv6. The student would have to add fully functional and reasonably tested IPv6 support for NPF. This work should not require design changes to NPF. Many modules in NPF contain abstracted logic/mechanism and do not rely on the length IP addresses. As an additional help, there is a task list document, describing specific steps at code level in order to achieve this objective.
High level deliverables are the following:
- Add support for IPv6 filtering criteria (userland + kernel).
- Adjust components where needed and make sure that stateful filtering works with IPv6 (kernel).
- Handle IPv6 addresses in the NPF tables - a container for a fast lookup (userland + kernel).
- IPv6 reassembly support, re-using NetBSD's network stack code (kernel).
Optionally (hard):
- Analyse IPv6 reassembly implications.
- Add support for protocol translation (NAT46, NAT64) and/or prefix translation (NPTv6).
- Kittens!
Note: good understanding of IPv6, some knowledge of data structures and concurrency are the prerequisites.