Bug #4258
closedDNS Resolver - auto-added access controls missing IPv6 subnets where "all" interfaces selected
0%
Description
IPv4 subnets are automagically added to /var/unbound/access_lists.conf; however this is not done with any of the IPv6 subnets defined for internal interfaces.
Updated by Chris Buechler over 9 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset 7684d66fad740820ca1c945a5b67a6f813306235.
Updated by Chris Buechler over 9 years ago
Applied in changeset 7fd2a0e3a9163d8cc3f578f4bd105ed0c982737f.
Updated by Chris Buechler over 9 years ago
- Subject changed from DNS Resolver - auto-added access controls missing IPv6 subnets to DNS Resolver - auto-added access controls missing IPv6 subnets where "all" interfaces selected
- Status changed from Feedback to Resolved
- Target version set to 2.2
- % Done changed from 100 to 0
updated subject to specific issue. Fixed
Updated by Kill Bill over 9 years ago
Ok, this works mostly fine, except that it misses OpenVPN's IPv6 (and probably IPsec as well, don't have IPv6 IPsec tunnel configured though.)
Updated by Chris Buechler over 9 years ago
It only covers interfaces that are assigned and enabled plus static routes for IPv6. Manual entries will be required for other circumstances.
Updated by Kill Bill over 9 years ago
Kinda confused really what it covers now. It certainly is adding OpenVPN and IPSec IPv4 subnets to the ACL.
Updated by Chris Buechler over 9 years ago
for v4, it uses the same source networks as it uses for outbound NAT auto rule generation, which is a diff process.
Updated by Kill Bill over 9 years ago
OK, lets call this fixed then. Thanks. :)
(Kinda inconsistent results, perhaps the VPN stuff would be worth a separate checkbox instead, but it certainly is not good time for similar nontrivial changes now.)