Re: Updated prefix filtering

[Frederik Kriewitz <frederik () kriewitz eu>]

Hello Dave,

On Sun, May 10, 2015 at 1:49 AM, Dave Taht <dave.taht () gmail com> wrote:
> I have had a piece long on the spike on how we implemented bcp38 for
> linux (openwrt) devices using the ipset facility.
>
> We had a different use case (preventing all possible internal rfc1918
> network addresses from escaping, while still allowing punching through
> one layer of nat ), but the underlying ipset facility was easily
> extendible to actually do bcp38 and fast to use, so that is what we
> ended up calling the openwrt package. Please contact me offlist if you
> would like a peek at that piece, because the article had some
> structural problems and we never got around to finishing/publishing
> it, and I would like to....
>
> has there been a bcp38 equivalent published for ipv6?

I don't see how this is related to the OPs problem.
But there's the rpfilter iptables module which can be used for BCP38
IPv4 and IPv6 implementations on linux routers.