lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 24 Jun 2007 12:54:49 -0700 From: David Stevens <dlstevens@...ibm.com> To: Kyle Moffett <mrmacman_g4@....com> Cc: Andrew Morton <akpm@...ux-foundation.org>, djones@...sove.com, LKML Kernel <linux-kernel@...r.kernel.org>, netdev@...r.kernel.org, netdev-owner@...r.kernel.org Subject: Re: Scaling Max IP address limitation > <Unrelated wishful thinking> > I keep having hopeful dreams that one day netfilter will grow support > for cross-protocol NAT (IE: NAT a TCPv4 connection over TCPv6 to the > IPv6-only local web server, or vice versa). It would seem that would > require a merged "xtables" program. You don't actually need it (at least for easy cases like that), because IPv6 defines IPv4 mapped IPv6 addresses of the form ::ffff:a.b.c.d. These will generate IPv4 packets for a.b.c.d, from a v6 socket. Unless you're using v6only binding (a sysctl option), you can connect to v6-only servers using a v4 network and a v4 address of the server. The peer address on those connections will show up as a v4 mapped address, and all the traffic will be v4, but the socket layer is all v6. +-DLS - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists