1 |
El 27/06/12 09:19, Alex Efros escribió: |
2 |
> Safe, but don't working. Do you enable ipv6 USE flag just to force people |
3 |
> to either disable unintentionally enabled IPv6 in kernel and/or add this |
4 |
> ip6tables configuration? |
5 |
No, we do it because otherwise the stage3 is unusable on ipv6 only |
6 |
environments and because people can still manually disable it. |
7 |
> I suppose you enable ipv6 USE flag to make it |
8 |
> easier for people to start using IPv6. But to use IPv6 these ip6tables |
9 |
> rules doesn't helps - we really need docs how to setup IPv6 firewall in |
10 |
> secure way, written by people who not just read IPv6 RFCs, but understood |
11 |
> all security implications of IPv6-specific features. Last time I tried to |
12 |
> google for such docs was few years ago, but I found nothing at all. |
13 |
I couldn't indeed find a good firewall document for ipv4 so... |