On Mon, 6 Feb 2017, Paul Warren wrote:
On 03/02/17 19:03, jens wrote:
hey, i happily use iftop for months
i now recognize some strange behaviour
using iftop on an wireguard vpn tunnel (layer3) if i can easily see all the endpoints for IPv4 . they are shown as they should in that case 192.168.99.something
if i use v6 inside this wireguard tunnel .. so the IPs are more like fdf1::16:3e75:72af (/64) than there is only one ip shown all the time - or one dns entry (from /etc/hosts)
I've not been able to reproduce this. Can you confirm what version of iftop you're using?
It works if all IPv6 rDNS lookups succeed. Even if most IPv6 rDNS lookups succeed, you might not notice the problem (and that is when it is the most dangerous). The best way to reproduce is to run on a local IPv6 subnet where *none* of the IPv6 lookups succeed, or else point /etc/resolv.conf to a local dnsmasq with ip6.arpa set to always return NXDOMAIN. Then all IPv6 will display as the same raw IP, and you will surely notice.