21 Apr
2023
21 Apr
'23
12:33
On 2023-04-21 08:29, Andrei Borzenkov wrote:
You could also block all IPv6 packets from your router MAC address. Then he might as well not even have IPv6. He will have outgoing connectivity to IPv6 sites. Which is exactly what we have with IPv4 behind NAT.
Blocking the MAC address will block all IPv6 traffic, as there is no relationship between connections and it. A firewall normally uses sockets, that is source and destination addresses and ports to determine whether incoming packets are part of an existing connection.