I’ve noticed something interesting and stupid about coffee shop firewalls. They are configured to disallow a lot of handy IPv4 traffic, like SSH, while still allowing through web traffic, DNS, kerberos, OpenAFS, etc. However, they don’t appear to have any blocks in place for IPv6 ssh traffic. How do I know?

`I’ve noticed something interesting and stupid about coffee shop firewalls. They are configured to disallow a lot of handy IPv4 traffic, like SSH, while still allowing through web traffic, DNS, kerberos, OpenAFS, etc. However, they don’t appear to have any blocks in place for IPv6 ssh traffic. How do I know?

`

Handy trick, until they start deploying IPv6 aware firewall devices (or blocking IPv6 totally, which would be a bad, bad thing).