On Wed, May 10, 2006 at 10:45:49AM +0200, Julien BLACHE wrote: > Francesco Paolo Lovergine <[EMAIL PROTECTED]> wrote: > > > The true problem is admin inconsistency ;) Unfortunately > > ::ffff:10.0.0.0/24 is a perfectly valid CIDR notation, but IS NOT what a > > naive user would expect, because IPV6 CIDR are on a 128bit range. So using > > that notation indeed open the daemon to all ipv4 addresses, as noted. > > Being defensive on that regards could help. My own opinion is that > > using a 32 bit CIDR value with a ipv4-into-ipv6 address should be > > at least warned or refused (as in the patch) because it's probably > > an admin error. Upstream patches refuses CIDR notation in IPv6 context > > at all which is sub-optimali, indeed. > > Refusing the v4compat notation might be the best option to avoid > errors. >
It's wrong as well. Any of the 4 words can be specified in dot-notation on the basis of ipv6 syntax. The best option IMHO is a clear warning in case of /1-32 CIDR notation. -- Francesco P. Lovergine -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]