Eliminating IPv6 (?)
Dr. Nikolaus Klepp
dr.klepp at gmx.at
Tue Jun 18 08:19:44 UTC 2019
Anno domini 2019 Tue, 18 Jun 09:54:53 +0200
Patrick M. Hausen scripsit:
> Hi!
>
> > Am 18.06.2019 um 09:44 schrieb Ronald F. Guilmette <rfg at tristatelogic.com>:
> > As I have already learned, the /etc/rc.firewall script also assumes both the
> > presence of, and the desirability of IPv6 support. And unless one edits that
> > file manually... which I have been effectively forced to do... there is no way
> > to get it to simply NOT create and install multiple IPv6-related ipfw rules,
> > EVEN THOUGH in my particular situation... which is still the most common case...
> > those extra and entirely superfluous IPv6 ipfw filtering rules are serving
> > no earthly purpose whatsoever and are only cluttering up my ipfw rule set,
> > thus pointlessly making it harder for me to grok and maintain them all.
>
> Instead of messing with the system provided file you could
> create a new one with only your own desired rules and then set
> this rc.conf variable:
>
> firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall
>
> As for the rest of your request, yes, I find it unreasonably in 2019 but
> let’s not get into a fight about that. IPv6 is here to stay. If you boot any
> Mac or Windows 10 desktop, IPv6 will be active and even necessary for
> service autodiscovery and similar things to work.
It might sound stupid in a world of permanent servailance, but some people might want to keep their doors closed (and give a damn what M$ and rotten tomatos want). IPv6 is not a sensible way to get this done ;)
Nik
>
> Kind regards
> Patrick
--
Please do not email me anything that you are not comfortable also sharing with the NSA, CIA ...
More information about the freebsd-questions
mailing list