revert: "fix(elasticloadbalancingv2): open, dual-stack-without-public-ipv4 ALB allows IPv6 inbound traffic" (#32690)

Reverts #32203

We should make this change under a "fix" feature flag as to not break existing customers

Author: gracelu0

packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.alb.dualstack-without-public-ipv4.js.snapshot/AlbDualstackWithoutPublicIpv4DefaultTestDeployAssertFA6F90DD.assets.json

@@ -530,13 +530,6 @@
       "FromPort": 80,
       "IpProtocol": "tcp",
       "ToPort": 80
-     },
-     {
-      "CidrIpv6": "::/0",
-      "Description": "Allow from anyone on port 80",
-      "FromPort": 80,
-      "IpProtocol": "tcp",
-      "ToPort": 80
      }
     ],
     "VpcId": {

packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.alb.dualstack-without-public-ipv4.js.snapshot/aws-cdk-elbv2-integ-dualstack-without-public-ipv4.assets.json

@@ -298,14 +298,13 @@ const lb = new elbv2.ApplicationLoadBalancer(this, 'LB', {
 });
 ```
 
-By setting `DUAL_STACK_WITHOUT_PUBLIC_IPV4`, you can provision load balancers without public IPv4s:
+By setting `DUAL_STACK_WITHOUT_PUBLIC_IPV4`, you can provision load balancers without public IPv4s
 
 ```ts
 declare const vpc: ec2.Vpc;
 
 const lb = new elbv2.ApplicationLoadBalancer(this, 'LB', {
   vpc,
-  internetFacing: true,
   ipAddressType: elbv2.IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4,
 });
 ```

packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.alb.dualstack-without-public-ipv4.js.snapshot/aws-cdk-elbv2-integ-dualstack-without-public-ipv4.template.json

@@ -303,8 +303,7 @@ export class ApplicationListener extends BaseListener implements IApplicationLis
 
     if (props.open !== false) {
       this.connections.allowDefaultPortFrom(ec2.Peer.anyIpv4(), `Allow from anyone on port ${port}`);
-      if (this.loadBalancer.ipAddressType === IpAddressType.DUAL_STACK ||
-        this.loadBalancer.ipAddressType === IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4) {
+      if (this.loadBalancer.ipAddressType === IpAddressType.DUAL_STACK) {
         this.connections.allowDefaultPortFrom(ec2.Peer.anyIpv6(), `Allow from anyone on port ${port}`);
       }
     }

packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.alb.dualstack-without-public-ipv4.js.snapshot/cdk.out

@@ -107,43 +107,6 @@ describe('tests', () => {
     });
   });
 
-  test('Listener default to open - IPv6 (dual stack without public IPV4)', () => {
-    // GIVEN
-    const stack = new cdk.Stack();
-    const vpc = new ec2.Vpc(stack, 'Stack');
-    const loadBalancer = new elbv2.ApplicationLoadBalancer(stack, 'LB', {
-      vpc,
-      internetFacing: true,
-      ipAddressType: elbv2.IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4,
-    });
-
-    // WHEN
-    loadBalancer.addListener('MyListener', {
-      port: 80,
-      defaultTargetGroups: [new elbv2.ApplicationTargetGroup(stack, 'Group', { vpc, port: 80 })],
-    });
-
-    // THEN
-    Template.fromStack(stack).hasResourceProperties('AWS::EC2::SecurityGroup', {
-      SecurityGroupIngress: [
-        {
-          Description: 'Allow from anyone on port 80',
-          CidrIp: '0.0.0.0/0',
-          FromPort: 80,
-          IpProtocol: 'tcp',
-          ToPort: 80,
-        },
-        {
-          Description: 'Allow from anyone on port 80',
-          CidrIpv6: '::/0',
-          FromPort: 80,
-          IpProtocol: 'tcp',
-          ToPort: 80,
-        },
-      ],
-    });
-  });
-
   test('HTTPS listener requires certificate', () => {
     // GIVEN
     const stack = new cdk.Stack();