Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
   Compare ISP   Rate your ISP
   Glossary   Glossary
Please login or register.

Login with username, password and session length
Advanced search  


Pages: 1 [2]

Author Topic: Weird broken website  (Read 1385 times)


  • Addicted Kitizen
  • *****
  • Posts: 6873
  • Retd sw dev; A&A; 4 7km ADSL2; IPv6; Firebrick
Re: Weird broken website
« Reply #15 on: December 13, 2018, 05:23:05 PM »

To fix the problem with IPv6 I employed my Firebrick router to block IPv6.

I used the following rule, adding a rule element into the middle of an existing suitable rule-set that monitors outbound stuff coming out of my LAN "IF-LAN". You must change IF-LAN to be whatever your LAN interface object is called.

Code: [Select]

<rule-set source-interface="IF-LAN" no-match-action="continue">
      <rule target-ip="2a02:348:82:cb69::2" target-port="80 443" protocol="6" action="reject"/>

But depending on your circumstances you might just roll the whole thing up into one combined form, as follows:

Code: [Select]

<rule-set source-interface="IF-LAN" target-ip="2a02:348:82:cb69::2" target-port="80 443" protocol="6" no-match-action="reject" />

But the first form is always preferable if you have an existing rule set to add this new rule into, as that way you can minimise the number of rule-sets, which is desirable from an efficiency point of view amongst other reasons. (Sed multa sunt peccata mea in re ista.)

This is not a great hack though because what happens when they change their IPv6 address, how many alternative addresses might there be due to load sharing, and how many other virtual http servers might be living on that box, so that other random sites could get knocked out just because they share that address?
Pages: 1 [2]