Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add ipv6 addresses to dc_relay_nets #78

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

matthijskooijman
Copy link

Previously, this added all connected ipv4 networks to enable relaying for all
direclty connected hosts, but if a host would connect through an ipv6-enabled
network and actually uses an ipv6 connection, relay would suddenly be denied.

This commit also includes all ipv6 addresses, just like ipv4 addresses. Note
that Exim uses : as a separator between entries in this list, so any : inside
the ipv6 address must be doubled.

This also adds scope global to the ip address show command, to prevent also
picking up link-local addresses. This should not normally affect the ipv4
address, since those are normally global scope anyway.

Previously, this added all connected ipv4 networks to enable relaying for all
direclty connected hosts, but if a host would connect through an ipv6-enabled
network and actually uses an ipv6 connection, relay would suddenly be denied.

This commit also includes all ipv6 addresses, just like ipv4 addresses. Note
that Exim uses : as a separator between entries in this list, so any : inside
the ipv6 address must be doubled.

This also adds `scope global` to the `ip address show` command, to prevent also
picking up link-local addresses. This should not normally affect the ipv4
address, since those are normally global scope anyway.
@matthijskooijman
Copy link
Author

Note that enabling ipv6 on docker is not as trivial as it should be currently. It might be a matter of switching on ipv6 on the default network, but I have a more complicated setup with different networks with static ipv6 configuration, so I can't quickly give you details on how to reproduce this issue.

However, I can show you how the ip addr output looks on my smtp docker instance:

root@4ec6869d6468:/# ip address show eth0
443: eth0@if444: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:ac:50:03:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.80.3.2/24 brd 172.80.3.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fd00:dead:beef:3::2/64 scope global nodad 
       valid_lft forever preferred_lft forever
    inet6 fe80::42:acff:fe50:302/64 scope link 
       valid_lft forever preferred_lft forever
root@4ec6869d6468:/# cat /etc/exim4/update-exim4.conf.conf |grep relay_net
dc_relay_nets='172.80.3.2/24:fd00::dead::beef::3::::2/64'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant