From: Amos Jeffries <squid3@treenet.co.nz>
To: Jerry Vonau <jvonau@shaw.ca>
Cc: netfilter@vger.kernel.org
Subject: Re: Why does ipv6 addresses appear when loading a module?
Date: Mon, 12 Nov 2007 00:10:11 +1300 [thread overview]
Message-ID: <4736E313.70804@treenet.co.nz> (raw)
In-Reply-To: <4736A97E.8070604@shaw.ca>
Jerry Vonau wrote:
> Hi All:
>
> I'm not subscribed to the list, please cc me on any replies please.
>
> While playing around with the latest fedora, think I found an issue with
> a netfilter module. I run my boxes with ip6 disabled, you know, don't
> run what is not needed. I couldn't figure out why I was seeing ipv6
> addresses on my interfaces, and ipv6 module was loaded when I know that
> I disabled ipv6 in modprobe.conf and sysconfig/network. For my netfilter
> needs I use shorewall, which loads the module nf_nat_h323, which loads
> the nf_conntrack_h323 module, and that loads ipv6! Once ipv6 is loaded,
> you can't rmmod it and ipv6 addresses are assigned to the interfaces.
> I've disabled the loading of those modules and the ipv6 addresses don't
> occur. My question is this the intended behavior for this module?
>
> Thanks in advance,
>
> Jerry
Why are you so resistant to IPv6?
Addresses should only start occurring if the network the machine is
attached to is IPv6-enabled and active. When that happens ::1
(localhost, actually less dangerous than 127.0.0.1) is assigned, but
only the IPv6-connected interface gets an actual 2000::/3 public
allocation to use.
You appear to be in the perfect position to make the transition now and
painlessly. By forcibly disabling it you are making yourself come back a
a few months and re-enable it all piece-by-piece.
You would do better to leave it, and just configure the FW through
ip6tables.
Amos
next prev parent reply other threads:[~2007-11-11 11:10 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-11-11 7:04 Why does ipv6 addresses appear when loading a module? Jerry Vonau
2007-11-11 11:10 ` Amos Jeffries [this message]
2007-11-11 21:42 ` Jerry Vonau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4736E313.70804@treenet.co.nz \
--to=squid3@treenet.co.nz \
--cc=jvonau@shaw.ca \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox