tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Limiting rpc.lockd to IPv4 only

Paul Goyette <> writes:

> On Sun, 12 Aug 2012, Greg Troxel wrote:
>>> Disable in which way?
>>> Remove INET6 from kernel?  yes, that works.
>>> Remove tcp6 and udp6 from netconfig?  No, that doesn't work.  (It also
>>> is not sufficient for nfsd ...)
>> Why are you trying to disable IPv6?   Lots of things listen on
>> and ::1 both, and I don't see the harm.
>> (I'm not saying you shouldn't, and that there shouldn't be flags to
>> disable v6 for various problems, but it seems like you are solving a
>> non-problem.)
> The problem is that I'm not ready to run a full IPv6 system, with
> globally routed addresses, until I've actually figured it all out.  I
> want to take baby steps.
> So, until I am ready, /etc/netconfig will have only IPv4 entries, and
> I don't want nfsd or its friends listening on IPv6!

I don't see any problem from listening on ::1 while you don't have
global addresses.
I would just add firewall rules if you're paranoid.   Of course, if
you're paranoid, you wouldn't run nfs.

Attachment: pgpdRq6NeXTr4.pgp
Description: PGP signature

Home | Main Index | Thread Index | Old Index