Index: sbin/ipfw/tables.c
===================================================================
--- sbin/ipfw/tables.c
+++ sbin/ipfw/tables.c
@@ -1168,7 +1168,7 @@
 
 static void
 tentry_fill_key_type(char *arg, ipfw_obj_tentry *tentry, uint8_t type,
-    uint8_t tflags)
+    uint8_t tflags, uint32_t vmask)
 {
 	char *p, *pp;
 	int mask, af;
@@ -1211,12 +1211,28 @@
 			af = AF_INET6;
 		} else {
 			/* Assume FQDN */
-			if (lookup_host(arg, (struct in_addr *)paddr) != 0)
-				errx(EX_NOHOST, "hostname ``%s'' unknown", arg);
+			if (vmask & IPFW_VTYPE_NH4) {
+				if (lookup_host(arg, (struct in_addr *)paddr) != 0)
+					errx(EX_NOHOST, "hostname ``%s'' unknown", arg);
 
-			masklen = 32;
-			type = IPFW_TABLE_ADDR;
-			af = AF_INET;
+				masklen = 32;
+				type = IPFW_TABLE_ADDR;
+				af = AF_INET;
+			} else if (vmask & IPFW_VTYPE_NH6) {
+				struct addrinfo hints, *res;
+				memset(&hints, 0, sizeof(hints));
+				hints.ai_family = AF_INET6;
+				
+				if (getaddrinfo(arg, NULL, &hints, &res) != 0)
+					errx(EX_NOHOST, "hostname ``%s'' unknown", arg);
+
+				*paddr = ((struct sockaddr_in6 *) res->ai_addr)->sin6_addr;
+				freeaddrinfo(res);
+
+				masklen = 128;
+				type = IPFW_TABLE_ADDR;
+				af = AF_INET6;
+			}
 		}
 		break;
 	case IPFW_TABLE_INTERFACE:
@@ -1472,7 +1488,7 @@
 		vmask = IPFW_VTYPE_LEGACY;
 	}
 
-	tentry_fill_key_type(key, tent, type, tflags);
+	tentry_fill_key_type(key, tent, type, tflags, vmask);
 
 	*ptype = type;
 	*pvmask = vmask;
@@ -1610,18 +1626,17 @@
 			}
 			break;
 		case IPFW_VTYPE_NH6:
-			if (strchr(n, ':') != NULL) {
-				memset(&hints, 0, sizeof(hints));
-				hints.ai_family = AF_INET6;
+			memset(&hints, 0, sizeof(hints));
+			hints.ai_family = AF_INET6;
+			if (strchr(n, ':') != NULL)
 				hints.ai_flags = AI_NUMERICHOST;
-				if (getaddrinfo(n, NULL, &hints, &res) == 0) {
-					v->nh6 = ((struct sockaddr_in6 *)
-					    res->ai_addr)->sin6_addr;
-					v->zoneid = ((struct sockaddr_in6 *)
-					    res->ai_addr)->sin6_scope_id;
-					freeaddrinfo(res);
-					break;
-				}
+			if (getaddrinfo(n, NULL, &hints, &res) == 0) {
+				v->nh6 = ((struct sockaddr_in6 *)
+				    res->ai_addr)->sin6_addr;
+				v->zoneid = ((struct sockaddr_in6 *)
+				    res->ai_addr)->sin6_scope_id;
+				freeaddrinfo(res);
+				break;
 			}
 			etype = "ipv6";
 			break;