Re: IPv6 "out of the box" support (netbase requirement?)
On Thu, 10 Jul 2003, Ivo Timmermans wrote:
> Giacomo Mulas wrote:
> > On Wed, 9 Jul 2003, Noah Meyerhans wrote:
> > > What would the complaints be? It's not like these hosts entries are
> > > intrusive in any way.
> >
> > Here is one: I have a carefully crafted firewalling script based on
> > iptables, and I believe I am relatively safe with respect to insecure
> > services; then you automagically add IPv6 support on my box and suddenly
> > my box is open to the world (iptables only filters IPv4).
>
> It's not about IPv6 support in the kernel, the matter at hand is if
> there should be IPv6 entries in /etc/hosts.
many, many people will have IPv6 support enabled in the kernel *as a
module*, and automatic module loading (look at stock kernels...). Putting
IPv6 entries in /etc/hosts will cause the module to be loaded, and then
you cannot even rmmod it... I think people should be advised to know that
if they really don't want IPv6 support to be enabled they must
uncomment/add the "alias net-pf-10 off" line in /etc/modutils/aliases.
just my 2¢..
bye
--
_________________________________________________________________
Giacomo Mulas <gmulas@ca.astro.it>
_________________________________________________________________
OSSERVATORIO ASTRONOMICO DI CAGLIARI
Str. 54, Loc. Poggio dei Pini * 09012 Capoterra (CA)
Tel. (OAC): +39 070 71180 248 Fax : +39 070 71180 222
Tel. (UNICA): +39 070 675 4916
_________________________________________________________________
"When the storms are raging around you, stay right where you are"
(Freddy Mercury)
_________________________________________________________________
Reply to: