[ntp:hackers] restrict and IPv6 issues

Danny Mayer mayer at ntp.org
Tue Jun 2 02:05:53 UTC 2009


Dave Hart wrote:
> On Tue, May 19, 2009 at 6:35 AM, Michael Tatarinov <kukabu at gmail.com> wrote:
>> I think a good idea to abandon "restrict -4 default" and "restrict -6
>> default" and use a single parser for IPv4/IPv6 addresses.
> 
> In fact with 4.2.5p178 "restrict default" should work for both, so the
> only reason to use "restrict -4 default" or "restrict -6 default" is
> if you really want different restrictions based on protocol.  Also,
> note "restrict -4 default ..." is equivalent to "restrict 0.0.0.0 mask
> 255.255.255.255 ..." and similarly for "restrict -6 default ..." and
> "restrict :: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff ..."
> 
> I do not think there is any reason to remove "restrict -4 default" or
> "restrict -6" default, though, as they are convenient shorthand.

The only issue with this interpretation of restrict default meaning for
both ipv4 and ipv6 is that that was not the previous meaning. I don't
think it's a real issue right now since I believe almost noone is using
ipv6 restricts at all. Hopefully this is not an issue for anyone.

Danny

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the hackers mailing list