diff options
| author | Matthias Schiffer <mschiffer@universe-factory.net> | 2018-04-12 22:14:56 +0200 |
|---|---|---|
| committer | Matthias Schiffer <mschiffer@universe-factory.net> | 2018-04-17 22:08:12 +0200 |
| commit | bb46520159c0119e829900e29681feea6f297fe0 (patch) | |
| tree | b39719afb3858748ec8d12691fb09a9585ce6470 /package/base-files/files/etc | |
| parent | 030a23001b74ede5fa2e6070a8fb04f3feccfbbd (diff) | |
| download | upstream-bb46520159c0119e829900e29681feea6f297fe0.tar.gz upstream-bb46520159c0119e829900e29681feea6f297fe0.tar.bz2 upstream-bb46520159c0119e829900e29681feea6f297fe0.zip | |
kernel: disable accept_ra by default
Our commands setting accept_ra to 0 on all interfaces got lost in the
transition to procd. This remained unnoticed for a long time, as we also
enable forwarding on all interfaces, which prevents RA handling by default.
Restore the commands, while also fixing a possible race condition in the
old version.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Diffstat (limited to 'package/base-files/files/etc')
| -rwxr-xr-x | package/base-files/files/etc/init.d/sysctl | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/package/base-files/files/etc/init.d/sysctl b/package/base-files/files/etc/init.d/sysctl index 8722126a66..a236a0194b 100755 --- a/package/base-files/files/etc/init.d/sysctl +++ b/package/base-files/files/etc/init.d/sysctl @@ -26,6 +26,14 @@ apply_defaults() { net.ipv6.ip6frag_high_thresh="$frag_high_thresh" \ net.netfilter.nf_conntrack_frag6_low_thresh="$frag_low_thresh" \ net.netfilter.nf_conntrack_frag6_high_thresh="$frag_high_thresh" + + # first set default, then all interfaces to avoid races with appearing interfaces + if [ -d /proc/sys/net/ipv6/conf ]; then + echo 0 > /proc/sys/net/ipv6/conf/default/accept_ra + for iface in /proc/sys/net/ipv6/conf/*/accept_ra; do + echo 0 > "$iface" + done + fi } start() { |