linuxserver/docker-wireguard

[BUG] Dual-stack IPv6 traffic is not dropped and therefore spoiling the true origin of packets

docteurdoom opened this issue · 6 comments

Is there an existing issue for this?

  • I have searched the existing issues

Current Behavior

When I use this as a client on a dual-stack machine, my IPv4 traffic gets wrapped into WG tunnel and my IPv6 traffic doesn't. Since your container doesn't support IPv6 as of today, on the related interfaces it should not allow any IPv6 traffic to not spoil the origin of packets.

Expected Behavior

I expect that when I bring up a tunnel it hides my origin by blocking IPv6 on related interfaces.

Steps To Reproduce

Run a client on dual-stack machine then run IP tests in browserleaks.com. It is gonna say that by IPv4 means you are in XYZ country and by IPv6 means you are in ABC country.

Environment

Any IPv6 && WireGuard capable host with a browser.

CPU architecture

x86-64

Docker creation

docker compose up -d

Container logs

No logs.

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.

This issue has been automatically marked as stale because it has not had recent activity. This might be due to missing feedback from OP. It will be closed if no further activity occurs. Thank you for your contributions.

Did you configure your custom bridge to support IPv6? As you can see in our default conf, the static route sends ::/0 across the tunnel.

No response from OP and I cannot reproduce this.

This issue is locked due to inactivity
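
The symptom reported in this thread (IPv4 tunnelled, IPv6 leaving by the host's normal route) can be checked for in a client config by testing whether the peers' `AllowedIPs` cover the whole address space of each family. The script below is an added example, not code from the issue or from the project; the sample configs are constructed, and the function names `allowed_networks` and `tunnel_coverage` are hypothetical.

```python
import ipaddress

# Constructed sample configs; keys and endpoint are placeholders.
DUAL_STACK = """[Interface]
PrivateKey = <placeholder>
[Peer]
PublicKey = <placeholder>
Endpoint = vpn.example.net:51820
AllowedIPs = 0.0.0.0/0, ::/0
"""
V4_ONLY = DUAL_STACK.replace("0.0.0.0/0, ::/0", "0.0.0.0/0")
# Two half-space routes are a common way to write "everything" for IPv4.
SPLIT_HALVES = DUAL_STACK.replace("0.0.0.0/0, ::/0", "0.0.0.0/1, 128.0.0.0/1")


def allowed_networks(conf_text):
    """Collect every AllowedIPs network from all [Peer] sections."""
    nets, section = [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
        elif section == "peer" and "=" in line:
            key, value = (p.strip() for p in line.split("=", 1))
            if key.lower() == "allowedips":
                nets += [ipaddress.ip_network(v.strip(), strict=False)
                         for v in value.split(",") if v.strip()]
    return nets


def tunnel_coverage(conf_text):
    """Return {4: bool, 6: bool}: True when that family is fully routed
    into the tunnel, False when some of it would bypass the tunnel."""
    nets = allowed_networks(conf_text)
    result = {}
    for version, full in ((4, "0.0.0.0/0"), (6, "::/0")):
        same = [n for n in nets if n.version == version]
        merged = list(ipaddress.collapse_addresses(same))
        result[version] = merged == [ipaddress.ip_network(full)]
    return result


if __name__ == "__main__":
    for name, conf in (("dual-stack", DUAL_STACK), ("v4-only", V4_ONLY),
                       ("split-halves", SPLIT_HALVES)):
        cov = tunnel_coverage(conf)
        gaps = [f"IPv{v}" for v, ok in cov.items() if not ok]
        print(f"{name}: " + ("full coverage" if not gaps
                             else "not tunnelled: " + ", ".join(gaps)))
```

This inspects the config only; as the maintainer's reply points out, the Docker network the container is attached to must also support IPv6 for the `::/0` route to carry traffic.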