>> one would want to be able to whitelist all ports >> for a given IP address > > What? No! > > "Dear Gateway, I am definitely not a compromised host, please open all > ports toward me." > > I don't disregard the idea that one would want to manually configure > this behaviour, but not automatically from the host itself.
Indeed. I find the argument that I must have a firewall, but I also must have a highly insecure way of automatically disabling it highly amusing. (I guess PCP was what was intended to replace UPnP for this in IPv6.) Best regards, Ole
signature.asc
Description: Message signed with OpenPGP
