<div dir="ltr"><div>as I said, best is a firewall, however GBE capable pfsense HW starts at 1000 NIS + need at least another 200 for an AP,<br></div><div>this 1k NIS i wanted to save if i could find a satisfying solution<br><br></div><div>however in HOT 4 router i can't disable or firewall ipv6, so i thought a simple dhcpv6 server could solve my problem ...<br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, Nov 7, 2021 at 10:52 AM Rabin Yasharzadehe <<a href="mailto:rabin@rabin.io">rabin@rabin.io</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div class="gmail_default" style="font-family:tahoma,sans-serif">For best control you should go with the option of splitting the ISP router to only act as modem, and have a FW like PFsense/OpenSense for the rest (FW,DHCP 4/6, DNS, .... ).</div><div class="gmail_default" style="font-family:tahoma,sans-serif">and have several wireless APs spread across the house, which act only as AP base stations. It's a bit more expensive, but it will give you the peace of mind you are looking for.</div><div class="gmail_default" style="font-family:tahoma,sans-serif"><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif"><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif"><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif"><br clear="all"></div><div><div dir="ltr"><div dir="ltr"><span style="font-family:tahoma,sans-serif">--<br>Rabin</span></div></div></div><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, 7 Nov 2021 at 10:28, Erez D <<a href="mailto:erez0001@gmail.com" target="_blank">erez0001@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><div><div>Hello<br><br></div>I've swapped isp (hot/hotnet) and now i have ipv6 support which i can't turn off.<br></div>I have a few issues with ipv6:<br></div><div>1. no NAT so all my devices are accessible from outside<br></div><div>2. can't redirect DNS traffic to my DNS server<br><br></div><div>I
thought about adding a firewall, but this way i need a small
fast-enough HW for this which is expensive, as well as disable HOT's
router wifi so i actually need a wifi router ...<br><br></div><div>can't
i just install a dhcpv6 server on an RPi, which will hijack the default
route and DNS servers, and so actually disable ipv6 ?</div><div><br></div><div>Thanks,</div><div>Erez.</div></div>
_______________________________________________<br>
Linux-il mailing list<br>
<a href="mailto:Linux-il@cs.huji.ac.il" target="_blank">Linux-il@cs.huji.ac.il</a><br>
<a href="http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il" rel="noreferrer" target="_blank">http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il</a><br>
</blockquote></div>
</blockquote></div>