[Pkg-clamav-devel] Bug#616172: clamav-daemon doesn't listen on ipv6 [::]
Török Edwin
edwin at clamav.net
Thu Mar 3 10:45:50 UTC 2011
On 2011-03-03 12:35, Török Edwin wrote:
> On 2011-03-03 00:15, Brian P Kroth wrote:
>> Package: clamav-daemon
>> Version: 0.96.5+dfsg-1.1
>> Severity: normal
>> Tags: ipv6
>>
>>
>> I'm trying to get clamd to listen over ipv6 (eg ::) but no options I've
>> fed TCPAddr seem to allow for this - they just error out and clamd won't
>> start.
>>
>> If I just specify TCPSocket it will only listen on 0.0.0.0.
>>
>> Let me know if you need anything else.
>
> freshclam supports IPv6, but could you please explain why clamd would
> need IPv6 support?
> You can only safely use clamd inside a LAN, and the LAN has IPv4 anyway.
>
> Also with IPv6 clamd would be routable from the outside world (because
> your machine would be), and anyone could issue commands to your clamd,
> unless explicitly firewall its port, so listening on IPv6 would be a
> security risk.
BTW you can set clamd to listen to 127.0.0.1, and tunnel a connection to
it using ssh, which supports IPv6.
--Edwin
More information about the Pkg-clamav-devel
mailing list