Bug #4258
closed
DNS Resolver - auto-added access controls missing IPv6 subnets where "all" interfaces selected
0%
Description
IPv4 subnets are automagically added to /var/unbound/access_lists.conf; however this is not done with any of the IPv6 subnets defined for internal interfaces.
Updated by Chris Buechler almost 10 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset 7684d66fad740820ca1c945a5b67a6f813306235.
Updated by Chris Buechler almost 10 years ago
Applied in changeset 7fd2a0e3a9163d8cc3f578f4bd105ed0c982737f.
Updated by Chris Buechler almost 10 years ago
- Subject changed from DNS Resolver - auto-added access controls missing IPv6 subnets to DNS Resolver - auto-added access controls missing IPv6 subnets where "all" interfaces selected
- Status changed from Feedback to Resolved
- Target version set to 2.2
- % Done changed from 100 to 0
updated subject to specific issue. Fixed
Updated by Kill Bill almost 10 years ago
Ok, this works mostly fine, except that it misses OpenVPN's IPv6 (and probably IPsec as well, don't have IPv6 IPsec tunnel configured though.)
Updated by Chris Buechler almost 10 years ago
It only covers interfaces that are assigned and enabled plus static routes for IPv6. Manual entries will be required for other circumstances.
Updated by Kill Bill almost 10 years ago
Kinda confused really what it covers now. It certainly is adding OpenVPN and IPSec IPv4 subnets to the ACL.
Updated by Chris Buechler almost 10 years ago
for v4, it uses the same source networks as it uses for outbound NAT auto rule generation, which is a diff process.
Updated by Kill Bill almost 10 years ago
OK, lets call this fixed then. Thanks. :)
(Kinda inconsistent results, perhaps the VPN stuff would be worth a separate checkbox instead, but it certainly is not good time for similar nontrivial changes now.)