[ntp:hackers] restrict and IPv6 issues
Danny Mayer
mayer at ntp.org
Tue Jun 2 02:05:53 UTC 2009
Dave Hart wrote:
> On Tue, May 19, 2009 at 6:35 AM, Michael Tatarinov <kukabu at gmail.com> wrote:
>> I think a good idea to abandon "restrict -4 default" and "restrict -6
>> default" and use a single parser for IPv4/IPv6 addresses.
>
> In fact with 4.2.5p178 "restrict default" should work for both, so the
> only reason to use "restrict -4 default" or "restrict -6 default" is
> if you really want different restrictions based on protocol. Also,
> note "restrict -4 default ..." is equivalent to "restrict 0.0.0.0 mask
> 255.255.255.255 ..." and similarly for "restrict -6 default ..." and
> "restrict :: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff ..."
>
> I do not think there is any reason to remove "restrict -4 default" or
> "restrict -6" default, though, as they are convenient shorthand.
The only issue with this interpretation of restrict default meaning for
both ipv4 and ipv6 is that that was not the previous meaning. I don't
think it's a real issue right now since I believe almost noone is using
ipv6 restricts at all. Hopefully this is not an issue for anyone.
Danny
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the hackers
mailing list