Talk:Why you want IPv6

From LinuxReviews
Jump to navigationJump to search

I beg to differ with the article's argument that switching to IPv6 prevents NAT-style filtering. One can just as easily mimic the "lazy man's firewall" effect of NAT with a proper IPv6 firewall.

It's simply a matter of setting default deny on the router for both directions (RST-based deny instead of DROP-based deny, if you want to mimic a "lazy man's firewall" that isn't backed by a proper firewall), using stateful packet filtering, and allowing all outbound TCP SYN, ICMP, and UDP. At that point, you have the same general behaviour as an IPv4 NAT setup with no ports forwarded.

From there, every "pass inbound traffic with this destination IP and port" rule is functionally equivalent to forwarding a port.

שלום שמי דודו

אני משווק של היבואן הרשמי של סמסונג .

אני פונה באופן אישי לעסקים שלדעתי יהיו מעונינים בפריבילגיה

לגבי הדגם החדש של סמסונג


האם אפשרי לשוחח בטלפון ?