alt Hacker NewsYou can have IPv6 firewalls emulate the behavior of NAT so it blocks unsolicited inbound traffic while allowing outbound traffic. If you get a /48 form your ISP you could rotate to a new IP address every second for the rest of your life.
Replies
iamnothere • yesterday at 4:38 PM
Right, but if you’re messing around as a naive learner it’s easy to accidentally disable that or completely open up an IP or range due to a bad rule. It’s a lot harder to accidentally enable port forwarding on a NAT.
➕ show 1 reply
> You can have IPv6 firewalls emulate the behavior of NAT so it blocks unsolicited inbound traffic while allowing outbound traffic.
Are there any (consumer?) firewalls that do not do this? I know Asus do this (and have for years).
AIUI most 'enterprise' firewalls have a default deny shipped from the factory and you have to actively allow stuff.