Linus Swdlas wrote:
On Sat, 08 Dec 2007 15:41:36 +0100, Marc Balmer <[EMAIL PROTECTED]>
wrote:
the unspecified address is 0.0.0.0 for IPv4 and :: for IPv6. '*'
is ambiguous and it makes no sense to assume '0.0.0.0' and '::' if
a user specifies '*'. This could lead to security problems if
someone would not be aware that this uses both address families.
I am strongly in favour of a notation that makes it totally clear
which address family is meant.
I intuitively feel that * means IPv4 and IPv6, although I agree on
the security problem issue.
* means all addresses in the default address family. and with this
diff, that means all IPv6 addresses. The default can be changed
on the command line using the -4 and -6 options (or by being explicit
in the config file).
Using IPv4 as the default address family in IPv6 capable software is
wrong. so making '*:port' a synonym for '0.0.0.0:port' is wrong.
the flag is simple enough: if you do not want to change your config
files, you just change your /etc/rc.conf.local file:
httpd_flags="whatever"
becomes
httpd_flags="-4 whatever"
This should not be too much of a burden for someone upgrading a system
(which usually means changing other stuff, too)
so either people live with the fact that *:port becomes 0.0.0.0:port
for the IPv4 case and ::port for the IPv6 case
How about ditching support for * and just support 0.0.0.0:port and
::port?
Anyone who agrees on this?
No way people can mess that up right?
The config change is trivial, small and painless and can be well
documented.
In case someone else agrees with me, would the change I proposed
also be trivial?
Regards
/ Linus
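
The ambiguity debated in this thread, as an added example (not code from httpd or from either poster): a small checker that refuses `*` unless a default address family is supplied, the way the -4/-6 switch would supply it, and reports every spec that binds the unspecified address. The function names, the bracketed `[::]:port` form for IPv6 and the sample lines are assumptions of this example.

```python
import ipaddress
import socket

class AmbiguousListen(ValueError):
    """Raised when a listen spec does not pin down an address family."""

def parse_listen(spec, default_family=None):
    """Return (family, address, port) for a 'host:port' listen spec.

    default_family models the -4 / -6 switch from the thread: it is the
    only thing that gives '*' a meaning. Without it '*' is rejected.
    IPv6 literals must be bracketed, e.g. '[::]:80' (assumption).
    """
    host, sep, port_text = spec.strip().rpartition(":")
    if not sep or not port_text.isdigit() or not 0 < int(port_text) < 65536:
        raise ValueError(f"bad listen spec: {spec!r}")
    port = int(port_text)

    if host == "*":
        if default_family is None:
            raise AmbiguousListen(f"{spec!r}: '*' names no address family")
        addr = "0.0.0.0" if default_family == socket.AF_INET else "::"
        return default_family, addr, port

    if host.startswith("[") and host.endswith("]"):
        ip = ipaddress.IPv6Address(host[1:-1])
        return socket.AF_INET6, str(ip), port
    ip = ipaddress.IPv4Address(host)
    return socket.AF_INET, str(ip), port

def audit(lines, default_family=None):
    """Return findings for every spec that is ambiguous or a wildcard bind."""
    findings = []
    for spec in lines:
        try:
            family, addr, port = parse_listen(spec, default_family)
        except AmbiguousListen as exc:
            findings.append((spec, "ambiguous", str(exc)))
            continue
        if ipaddress.ip_address(addr).is_unspecified:
            name = "IPv4" if family == socket.AF_INET else "IPv6"
            findings.append((spec, "wildcard", f"all {name} addresses, port {port}"))
    return findings

# Constructed sample config lines, not taken from any real system.
SAMPLE = ["*:80", "0.0.0.0:80", "[::]:443", "192.0.2.10:8080"]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```
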