#11629 NORM xs-0.7: XS has no IPv6 firewall but runs IPv6 listening services
Zarro Boogs per Child
bugtracker at laptop.org
Wed Feb 15 16:17:59 EST 2012
#11629: XS has no IPv6 firewall but runs IPv6 listening services
-------------------------------------+--------------------------------------
Reporter: greenfeld | Owner: dsd
Type: defect | Status: assigned
Priority: normal | Milestone: xs-0.7
Component: school server | Version: Development build as of this date
Resolution: | Keywords:
Next_action: diagnose | Verified: 0
Deployment_affected: | Blockedby:
Blocking: |
-------------------------------------+--------------------------------------
Changes (by dsd):
* owner: martin.langhoff => dsd
* status: new => assigned
Comment:
With our current configuration there is no danger of receiving an IPv6
address over DHCP, nor through auto-configuration (router advertisements)
- this is disabled.
The "autoconf" option mentioned above refers to the fact that the kernel
auto-creates a fe80 link-local address. This isn't trivial to turn off,
and does mean that the XS could be contacted over the WAN over IPv6 under
some circumstances. Next build will include a simple firewall config to
block incoming connections except SSH.
--
Ticket URL: <http://dev.laptop.org/ticket/11629#comment:1>
One Laptop Per Child <http://laptop.org/>
OLPC bug tracking system
More information about the Bugs
mailing list