← Back to team overview

touch-packages team mailing list archive

  1. touch-packages team
  2. Mailing list archive
  3. Message #31255

[Bug 1386380] Re: network-manager-openvpn leaks w/ IPv6

  Thread PreviousDate PreviousThread Next 
** Description changed:

  To verify:
  1. Connect to a Wifi network that assigns IPv6 addresses.
  2. Open http://whatsmyipv6.org/ note down the address.
  3. Connect to a VPN.
  4. Open http://whatsmyipv6.org/ and compare with the result from step 2.
  
- Temporary fix:
- Set the "Method" dropdown under "IPv6 Settings" in your Wifi connection to "Ignore".
+ Temporary fix (at least in some cases):
+ $ sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
  
  I consider this a security bug since it endangers users relying on a
  working/leak-free VPN.

** Description changed:

+ By "leaking" I mean that there are packages leaving/entering the machine
+ without passing through the VPN.
+ 
  To verify:
  1. Connect to a Wifi network that assigns IPv6 addresses.
  2. Open http://whatsmyipv6.org/ note down the address.
  3. Connect to a VPN.
  4. Open http://whatsmyipv6.org/ and compare with the result from step 2.
  
- Temporary fix (at least in some cases):
- $ sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
+ Temporary fix (at least in my case):
+ sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
  
  I consider this a security bug since it endangers users relying on a
  working/leak-free VPN.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1386380

Title:
  network-manager-openvpn leaks w/ IPv6

Status in “network-manager” package in Ubuntu:
  New
Status in “network-manager-openvpn” package in Ubuntu:
  New

Bug description:
  By "leaking" I mean that there are packages leaving/entering the
  machine without passing through the VPN.

  To verify:
  1. Connect to a Wifi network that assigns IPv6 addresses.
  2. Open http://whatsmyipv6.org/ note down the address.
  3. Connect to a VPN.
  4. Open http://whatsmyipv6.org/ and compare with the result from step 2.

  Temporary fix (at least in my case):
  sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1

  I consider this a security bug since it endangers users relying on a
  working/leak-free VPN.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1386380/+subscriptions

References

  Thread PreviousDate PreviousThread Next