Should i enable IPv6 in CSF Firewall?

Should i enable IPv6 in CSF Firewall?

In the configuration file i see some restrictions like:

> IPv6 uses icmpv6 packets very heavily. By default, csf will allow all icmpv6 traffic in the INPUT and OUTPUT chains. However, this could increase the risk of icmpv6 attacks. To restrict incoming icmpv6, set to "1" but may break some connection types

IPV6ICMPSTRICT = 0

Should i enable it anyway? Is it better?

Thanks

3 Replies

Unless you have set up an IPv6 tunnel, you are not using IPv6 – Linode does not support it yet.

Ah, ok, but that´s the message i got from CSF:

> IPv6 appears to be enabled [ifconfig: fe80::fcfd:adff:fee6:9333/64 Scope:Link, ::1/128 Scope:Host]. If ip6tables is installed, you should enable the csf IPv6 firewall

IPv6 addresses that begin fe8 (or fe9, fea or feb) are link-local addresses that are automatically assigned – they will not be routed beyond the local connection, which in the case of a Linode is internal to the host machine -- you are not actually connected to anything.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct