@wbumiller I have tried
`ipv6.disable=1` but it does not seem to work. This the boot line from same machine above:
# cat /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-4.4.98-6-pve root=/dev/mapper/pve-root ro ipv6.disble=1 vga=791 fsck.mode=force pti=on
I have made both the boot line modification as well as the `net.ipv6.conf.*` edits to `sysctl.conf`.
These result in the message logs filling up with the `
ip6tables-restore` messages in the OP. How can these messages be prevented?
@Klaus Steinberger Network segments are inherently untrusted by nature. Malicious software can backdoor a device, users can install access points or download accidental trojans. These provide a point of entry for network based attacks. This is why it's important to firewall un-needed services (or disable them completley) and if possible trigger a firewall alert for a NIDs system to provide a log/alert of the event. In a home network, you may not want all of this and that is your choice. In corporate settings, there are security policies which must be adhered to and dictate how a machine is provisioned.
Yes, ipv4 has run it's course however many institutions use something called iPv4/IPv6 translation. This allows an edge to use IPv6 to talk on the Internet, but then uses Network Address Translation to "rewrite" the network packet into an IPv4 packet so private networks behind the edge can still use IPv4. This is why IPv4 is still relevant.