From owner-freebsd-questions@freebsd.org Tue Jun 18 08:19:44 2019 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AC24015AF79E for ; Tue, 18 Jun 2019 08:19:44 +0000 (UTC) (envelope-from dr.klepp@gmx.at) Received: from vie01a-dmta-at52-1.mx.upcmail.net (vie01a-dmta-at52-1.mx.upcmail.net [62.179.121.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 08F9697953 for ; Tue, 18 Jun 2019 08:19:43 +0000 (UTC) (envelope-from dr.klepp@gmx.at) Received: from [172.31.216.41] (helo=vie01a-pemc-psmtp-at50) by vie01a-dmta-at52.mx.upcmail.net with esmtp (Exim 4.92) (envelope-from ) id 1hd9FW-0006Rm-84 for freebsd-questions@freebsd.org; Tue, 18 Jun 2019 10:13:50 +0200 Received: from [192.168.0.100] ([85.126.97.210]) by vie01a-pemc-psmtp-at50 with SMTP @ mailcloud.upcmail.net id S8Dl2002l4YLlkt0B8Dm0v; Tue, 18 Jun 2019 10:13:46 +0200 X-SourceIP: 85.126.97.210 X-CNFS-Analysis: v=2.2 cv=O6RJhF1W c=1 sm=2 tr=0 cx=a_idp_f a=/Ac8Q0O/YFE5LOLfUiYZVw==:117 a=/Ac8Q0O/YFE5LOLfUiYZVw==:17 a=jpOVt7BSZ2e4Z31A5e1TngXxSK0=:19 a=IkcTkHD0fZMA:10 a=hKNOJcEOAAAA:8 a=A6LmOzobvgA6zZIId7wA:9 a=QEXdDO2ut3YA:10 a=XzhKbxqxvhA9PZRCS47t:22 From: "Dr. Nikolaus Klepp" To: freebsd-questions@freebsd.org Subject: Re: Eliminating IPv6 (?) Date: Tue, 18 Jun 2019 10:14:00 +0200 User-Agent: KMail/1.9.10 References: <18748.1560843874@segfault.tristatelogic.com> <9AF5DF39-9B81-4270-B25C-D089C971E924@punkt.de> In-Reply-To: <9AF5DF39-9B81-4270-B25C-D089C971E924@punkt.de> X-KMail-QuotePrefix: > MIME-Version: 1.0 Content-Type: Text/Plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Message-Id: <201906181014.00267.dr.klepp@gmx.at> X-Rspamd-Queue-Id: 08F9697953 X-Spamd-Bar: +++++++++ Authentication-Results: mx1.freebsd.org; spf=fail (mx1.freebsd.org: domain of dr.klepp@gmx.at does not designate 62.179.121.142 as permitted sender) smtp.mailfrom=dr.klepp@gmx.at X-Spamd-Result: default: False [9.80 / 15.00]; FREEMAIL_FROM(0.00)[gmx.at]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; MX_GOOD(-0.01)[cached: mx00.emig.gmx.net]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmx.at]; ASN(0.00)[asn:6830, ipnet:62.179.0.0/17, country:AT]; SUBJECT_HAS_QUESTION(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[142.121.179.62.list.dnswl.org : 127.0.5.1]; ARC_NA(0.00)[]; R_SPF_FAIL(1.00)[-all]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_SPAM_SHORT(0.95)[0.953,0]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[gmx.at]; NEURAL_SPAM_MEDIUM(1.00)[1.000,0]; RCPT_COUNT_ONE(0.00)[1]; MIME_TRACE(0.00)[0:+]; NEURAL_SPAM_LONG(1.00)[1.000,0]; MID_CONTAINS_FROM(1.00)[]; FROM_NAME_HAS_TITLE(1.00)[dr]; IP_SCORE(1.06)[ipnet: 62.179.0.0/17(1.53), asn: 6830(3.84), country: AT(-0.10)]; FORGED_MUA_KMAIL_MSGID(3.00)[]; GREYLIST(0.00)[pass,body] X-Spam: Yes X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Jun 2019 08:19:44 -0000 Anno domini 2019 Tue, 18 Jun 09:54:53 +0200 Patrick M. Hausen scripsit: > Hi! >=20 > > Am 18.06.2019 um 09:44 schrieb Ronald F. Guilmette : > > As I have already learned, the /etc/rc.firewall script also assumes bot= h the > > presence of, and the desirability of IPv6 support. And unless one edit= s that > > file manually... which I have been effectively forced to do... there is= no way > > to get it to simply NOT create and install multiple IPv6-related ipfw r= ules, > > EVEN THOUGH in my particular situation... which is still the most commo= n case... > > those extra and entirely superfluous IPv6 ipfw filtering rules are serv= ing > > no earthly purpose whatsoever and are only cluttering up my ipfw rule s= et, > > thus pointlessly making it harder for me to grok and maintain them all. >=20 > Instead of messing with the system provided file you could > create a new one with only your own desired rules and then set > this rc.conf variable: >=20 > firewall_script=3D"/etc/rc.firewall" # Which script to run to set up the= firewall >=20 > As for the rest of your request, yes, I find it unreasonably in 2019 but > let=E2=80=99s not get into a fight about that. IPv6 is here to stay. If y= ou boot any > Mac or Windows 10 desktop, IPv6 will be active and even necessary for > service autodiscovery and similar things to work. It might sound stupid in a world of permanent servailance, but some people = might want to keep their doors closed (and give a damn what M$ and rotten t= omatos want). IPv6 is not a sensible way to get this done ;) Nik >=20 > Kind regards > Patrick =2D-=20 Please do not email me anything that you are not comfortable also sharing w= ith the NSA, CIA ...