Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

squid requires IPv6 to be enabled #271

Closed
fichtner opened this issue Jul 23, 2015 · 0 comments
Closed

squid requires IPv6 to be enabled #271

fichtner opened this issue Jul 23, 2015 · 0 comments
Assignees
@fichtner
Labels
bug Production bug
Milestone
16.1

Comments

@fichtner
Copy link
Member

via: https://forum.opnsense.org/index.php?topic=879.0
@fichtner fichtner added the bug Production bug label Jul 23, 2015
@fichtner fichtner self-assigned this Jul 23, 2015
@fichtner fichtner added this to the 16.1 milestone Jul 23, 2015
fichtner added a commit that referenced this issue Jul 30, 2015
@fichtner
firewall: fix squid start with IPv6 disabled; fixes #271
5121976 
While blocking IPv6 in this case is a good start, loopback traffic
from internal to internal should never be blocked as some deamons
like squid use it to probe and/or communicate.
fichtner added a commit that referenced this issue Jul 30, 2015
@fichtner
firmware: `better' fix for IPv6 loopback allow; #271
a62931b 
`block quick' creates a chain-reaction that requires `pass quick' for
loopback traffic, even though we have non-quick loopback pass rules
below.  If `quick' ought to be used, non-quick should be removed
completely, but that is beyond the scope of this fix.

For now, rather pass all IPv6 traffic on the looback device as opposed
to passing all IPv6 traffic with an IPv6 loopback address.
fichtner added a commit that referenced this issue Jul 30, 2015
@fichtner
firmware: `better' fix for IPv6 loopback allow; #271
0ef03d3 
`block quick' creates a chain-reaction that requires `pass quick' for
loopback traffic, even though we have non-quick loopback pass rules
below.  If `quick' ought to be used, non-quick should be removed
completely, but that is beyond the scope of this fix.

For now, rather pass all IPv6 traffic on the looback device as opposed
to passing all IPv6 traffic with an IPv6 loopback address.
@fichtner fichtner mentioned this issue Aug 13, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fichtner fichtner

Labels
bug Production bug
Milestone
16.1
Development

No branches or pull requests
1 participant
@fichtner