| 1 |
El 27/06/12 09:19, Alex Efros escribió: |
| 2 |
> Safe, but don't working. Do you enable ipv6 USE flag just to force people |
| 3 |
> to either disable unintentionally enabled IPv6 in kernel and/or add this |
| 4 |
> ip6tables configuration? |
| 5 |
No, we do it because otherwise the stage3 is unusable on ipv6 only |
| 6 |
environments and because people can still manually disable it. |
| 7 |
> I suppose you enable ipv6 USE flag to make it |
| 8 |
> easier for people to start using IPv6. But to use IPv6 these ip6tables |
| 9 |
> rules doesn't helps - we really need docs how to setup IPv6 firewall in |
| 10 |
> secure way, written by people who not just read IPv6 RFCs, but understood |
| 11 |
> all security implications of IPv6-specific features. Last time I tried to |
| 12 |
> google for such docs was few years ago, but I found nothing at all. |
| 13 |
I couldn't indeed find a good firewall document for ipv4 so... |
Archives