View All Products
Compute
Storage
Networking
Databases
Services
Developer Tools
Industries
Pricing
Community
Engage With Us
Community Questions Should i enable IPv6 in CSF Firewall?
Log in to Ask a Question

Should i enable IPv6 in CSF Firewall?

general

Should i enable IPv6 in CSF Firewall?

In the configuration file i see some restrictions like:

> IPv6 uses icmpv6 packets very heavily. By default, csf will allow all icmpv6 traffic in the INPUT and OUTPUT chains. However, this could increase the risk of icmpv6 attacks. To restrict incoming icmpv6, set to "1" but may break some connection types

IPV6ICMPSTRICT = 0

Should i enable it anyway? Is it better?

Thanks

3 Replies

Unless you have set up an IPv6 tunnel, you are not using IPv6 – Linode does not support it yet.

Ah, ok, but that´s the message i got from CSF:

> IPv6 appears to be enabled [ifconfig: fe80::fcfd:adff:fee6:9333/64 Scope:Link, ::1/128 Scope:Host]. If ip6tables is installed, you should enable the csf IPv6 firewall

IPv6 addresses that begin fe8 (or fe9, fea or feb) are link-local addresses that are automatically assigned – they will not be routed beyond the local connection, which in the case of a Linode is internal to the host machine -- you are not actually connected to anything.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct