[Firehol-support] ipv4 action rejects ipv6 too [solved]
firehol at acrasis.net
Tue Feb 5 21:26:36 GMT 2019
On 2019-02-04 21:58 GMT, Nick wrote:
> This does prevent 192.168.1.69 from reaching the service without
> affecting the rest of the LAN. However, the host that is excluded
> over ipv4 is also excluded over ipv6. Should I expect that?
I think I now know what was going on and it wasn't firehol's doing, it
was user error.
It turns out that netcat by default listens on ipv4 only, which I
hadn't noticed before my firehol testing. If I use natcat's -6
switch, it listens on both ipv4 and ipv6. Then firehol rejects the
ipv4 connection but accepts the ipv6 connection, just as I wanted.
(In case anyone cares, this is OpenBSD netcat and more details about
-6 are at <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921446>.)
More information about the Firehol-support