Op 24-4-2012 10:59, Chris Buechler schreef:
On Tue, Apr 24, 2012 at 4:54 AM, Stefan Baur
<[email protected]> wrote:
Uh, don't get me wrong, I'm all for timely updates that fix security issues.
I just don't want to drag fancy stuff along that I don't need. And at
present, that's what full IPv6 support is for me.
Which will be fully disabled when upgrading from any prior release,
none of those changes will have any impact on upgraded systems.
To be clear on this, the upgrade to 2.1 will toggle the "Allow IPv6" on
the advanced page.
However:
This will still result in a default deny rule for IPv6 just like before,
and it will log to the firewall logs. You will need to add rules to
allow traffic. You can still uncheck the "Allow IPv6" on the advanced
page to block and not log traffic.
All the interfaces keep their IPv4 configuration just as before. No
interfaces will "automatically" enable IPv6. You need to configure
interfaces for IPv6 if you want to use them.
So the upgrade configuration is just as secure as the previous one, but
it prevents a lot of foot shooting, which became clear pretty quickly
during the 2.1 Development.
New configurations:
If you reset to factory defaults the WAN is configured for both DHCP and
DHCP6. The lan has a 192.168.1.1 static IP like before. The lan will
autoconfigure IPv6 from the DHCP6 client when it gets a lease.
Regards,
Seth
_______________________________________________
List mailing list
[email protected]
http://lists.pfsense.org/mailman/listinfo/list
