[mythtv] Proposed change to Network Communications

Stephen Worthington stephen_agent at jsw.gen.nz
Fri Mar 10 01:12:55 UTC 2017


On Thu, 9 Mar 2017 23:29:09 +0000, you wrote:

>On 10 March 2017 8:34:43 AM rudy zijlstra 
><mythtv at grumpydevil.homelinux.org> wrote:
>
>>
>>
>> On 08-03-17 19:30, Karl Dietz wrote:
>>> On 08.03.2017 13:36, Brian J. Murrell wrote:
>>>> security implications of transitioning from "NAT security" (for
>>>
>>> this is the point. "transition from some security to no security"
>>>
>>> There is a perimeter device that currently implement IPv4 perimeter
>>> security with a method that goes by the name "IPv4 NAT Firewall" or
>>> similar. (lets not get into details)
>>> When the provider of this perimeter device now implements IPv6 its up
>>> to them to also implement some IPv6 perimeter security. Maybe with a
>>> "real firewall" or whatever.
>> All operator provided gateways i am aware of that implement IPv6 also
>> implement an IPv6 firewall. The default setting is to block all traffic
>> inbound into the home network that is not requested. In other words,
>> the default is that, in firewall terms, only RELATED traffic is allows
>> in from the internet.
>>
>> Cheers
>>
>> Rudy
>
>I apologise in advance if I am heading off topic but wouldnt a firewall 
>like that block me from SSH 'ing into my servers or block any home Web 
>servers from operating? Maybe the firewall will be end user configurable or 
>opt in / out.

Yes it would.  So just like with IPv4, you would then need to set up
config to open those ports through the firewall.


More information about the mythtv-dev mailing list