diff --git a/src/auth.c b/src/auth.c
index 4a80bca..9c15bb0 100644
--- a/src/auth.c
+++ b/src/auth.c
@@ -253,6 +253,24 @@ int handleredirect(struct clientparam * param, struct ace * acentry){
 			if(cur->type == R_EXTIP){
 				param->sinsl = cur->addr;
 				if(SAISNULL(&param->sinsl))param->sinsl = param->sincr;
+#ifndef NOIPV6
+				else if(cur->cidr && *SAFAMILY(&param->sinsl) == AF_INET6){
+					char c;
+					int i;
+
+					for(i = 0; i < 16; i++){
+						if(i%8)myrand(&param->sincr, sizeof(param->sincr));
+						else if(i%4) myrand(&param->req, sizeof(param->req));
+
+						if(i*8 >= cur->cidr) ((char *)SAADDR(&param->sinsl))[i] = rand();
+						else if ((i+1)*8 >  cur->cidr){
+							c = rand();
+							c >>= (cur->cidr - (i*8));
+							((char *)SAADDR(&param->sinsl))[i] |= c;
+						}
+					}
+				}
+#endif
 				if(cur->next)continue;
 				return 0;
 			}
diff --git a/src/common.c b/src/common.c
index f9c507f..5153adf 100644
--- a/src/common.c
+++ b/src/common.c
@@ -141,13 +141,13 @@ char* NULLADDR="\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
 
 int myrand(void * entropy, int len){
 	int i;
-	unsigned short init;
+	uint16_t init;
 
 	init = randomizer;
 	for(i=0; i < len/2; i++){
-		init ^= ((unsigned short *)entropy)[i];
+		init ^= ((uint16_t *)entropy)[i];
 	}
-	srand(init);
+	srand(rand()+init);
 	randomizer = rand();
 	return rand();
 	
diff --git a/src/conf.c b/src/conf.c
index 9ac087d..050308a 100644
--- a/src/conf.c
+++ b/src/conf.c
@@ -608,6 +608,7 @@ static int h_monitor(int argc, char **argv){
 static int h_parent(int argc, char **argv){
   struct ace *acl = NULL;
   struct chain *chains;
+  char * cidr;
 
 	acl = conf.acl;
 	while(acl && acl->next) acl = acl->next;
@@ -646,13 +647,16 @@ static int h_parent(int argc, char **argv){
 		fprintf(stderr, "Chaining error: bad chain type (%s)\n", argv[2]);
 		return(4);
 	}
-#ifndef NOIPV6
-	if(!getip46(46, argv[3], (struct sockaddr *)&chains->addr)) return 5;
-#else
+	cidr = strchr(argv[3], '/');
+	if(cidr) *cidr = 0;
 	getip46(46, argv[3], (struct sockaddr *)&chains->addr);
-#endif
 	chains->exthost = mystrdup((char *)argv[3]);
+	chains->exthost = (unsigned char *)mystrdup((char *)argv[3]);
 	if(!chains->exthost) return 21;
+	if(cidr){
+		*cidr = '/';
+		chains->cidr = atoi(cidr + 1);
+	}
 	*SAPORT(&chains->addr) = htons((unsigned short)atoi((char *)argv[4]));
 	if(argc > 5) chains->extuser = mystrdup((char *)argv[5]);
 	if(argc > 6) chains->extpass = mystrdup((char *)argv[6]);
diff --git a/src/structures.h b/src/structures.h
index 4b2a62d..ef80dba 100644
--- a/src/structures.h
+++ b/src/structures.h
@@ -294,10 +294,11 @@ struct chain {
 #else
 	struct sockaddr_in addr;
 #endif
-	unsigned short weight;
 	char * exthost;
 	char * extuser;
 	char * extpass;
+	unsigned short weight;
+	unsigned short cidr;
 };
 
 struct period {