On Sun, Sep 25, 2016 at 06:46:13AM -0700, nishiwak...@gmail.com wrote: > Hello, > > I am surprised that there is no way to disable ipv6 on Debian template. > > I reinstalled first the template using documentation > https://www.qubes-os.org/doc/reinstall-template/ > > Then I added "net.ipv6.conf.all.disable_ipv6 = 1" in /etc/sysctl.conf, I did > reboot the Template but it didn't change the outcome, I still had ipv6 ports > opened using "netstat -antp" > > I even added "sudo ip6tables -P INPUT DROP" in "/rw/config/rc.local", but I > still got those distant servers listening when I check using commands like > "sudo lsof -i6" or "netstat -antp" on my Debian Template. > > What is rpcbind, avahi-dae and why you got this ipv6 bound to systemd on PID > 1 ? Looks suspicious, I thought Ipv6 was disabled by default on Qubes. > > Regards >
I'm a bit late to the party on this, and I wonder if it's a troll anyway, when I look at some of the later comments. Still - If you want to disable ipv6 on Debian, just pass in as kernel option: qvm-prefs debian -s kernelopts ipv6.disable=1 This won't feed through to qubes based on the template, of course. You have to set the preference for each qube. unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160926221402.GA27548%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
