Why is it w, who, and finger truncate an ipv6 address just after the first 4 characters of the address (the first :)?
% who
mgrant pts/1 2016-07-18 06:15 (2a00:S.1)
% w
18:37:31 up 4 days, 12:26, 4 users, load average: 0.05, 0.07, 0.05
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
mgrant pts/1 2a00:S.1 Mon06 4days 0.02s 0.02s /bin/bash
% finger
Login Name Tty Idle Login Time Office Office Phone
mgrant Michael Grant pts/1 4d Jul 18 06:15 (2a00:S.1)
The 'last' command does a little better, it truncates at 16 characters:
mgrant pts/0 2a00:23c4:6d10:4 Fri Jul 22 18:04:00 2016 still logged in
netstat does a little better still but not much:
tcp6 0 2640 2600:3c00::ffff:9:22 2a00:23c4:6d10:4d:36663 ESTABLISHED 12345/sshd: mgrant
It seems near impossible to find out what the ip address someone is logged in from when they come in via ipv6. tcpdump -n seems about the only way.
This seems so basic. Could all of these programs except tcpdump be broken with respect to displaying ipv6 addresses?
Michael Grant