IPv4 port 80 forward opens both Forris nad Luci through IPv6

First I was surprised, that port forwarding is only IPv4 port forward.
Than I realised my mistake and uset Turris IPv6 address as AAAA record and found out, that Foris is (and was exposed the whole time).
I use correct IPv6 client address as AAAA record, but Forris is stil accessible - should it be blocked? Or I should not be worried to keep it opened?

Thank you

Jan

That depends on your usage-scenario - by default port 80 is associated with Luci and foris.
I’d strongly advice to block foris/Luci-access from wan. If you need to access it you could make it available only via VPN.

Yes, that i do… :slight_smile: but i was surprised that forwarding 80 on IPv4 opens Foris ony in IPv6 scenario. I think user should be warned at least…

Then I did not correctly understand you.
If you use Turris IPv6 as AAAA-record port 80 is automatically opened? :hushed:

1 Like

Yes… exactly - that was my point - if you do IPv4 port forwarding to IPv4 address in your home network, you need to block that port in IPv6 scenario! exactly!By the way… If you do port forward of SSH (port 22) in IPv4 it is forwarded to machine behind Turris, but using IPv6 address you can connect to router!

That sounds really strange… And like there’s a bug :wink: