Francesco Paolo Lovergine <[EMAIL PROTECTED]> wrote: > The true problem is admin inconsistency ;) Unfortunately > ::ffff:10.0.0.0/24 is a perfectly valid CIDR notation, but IS NOT what a > naive user would expect, because IPV6 CIDR are on a 128bit range. So using > that notation indeed open the daemon to all ipv4 addresses, as noted. > Being defensive on that regards could help. My own opinion is that > using a 32 bit CIDR value with a ipv4-into-ipv6 address should be > at least warned or refused (as in the patch) because it's probably > an admin error. Upstream patches refuses CIDR notation in IPv6 context > at all which is sub-optimali, indeed.
Refusing the v4compat notation might be the best option to avoid errors. JB. -- Julien BLACHE <[EMAIL PROTECTED]> | Debian, because code matters more Debian & GNU/Linux Developer | <http://www.debian.org> Public key available on <http://www.jblache.org> - KeyID: F5D6 5169 GPG Fingerprint : 935A 79F1 C8B3 3521 FD62 7CC7 CD61 4FD7 F5D6 5169 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
