From ca829e805baccb4e9549ed18c1dd622cdefa8bc6 Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Tue, 30 Nov 2010 00:46:21 +0000 Subject: base-files: disable ipv6 on bridge ports, this prevents stray RA assigned and link local addresses on bridge member devices SVN-Revision: 24194 --- package/base-files/files/lib/network/config.sh | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/package/base-files/files/lib/network/config.sh b/package/base-files/files/lib/network/config.sh index 358e610f62..2ef8cda9d9 100755 --- a/package/base-files/files/lib/network/config.sh +++ b/package/base-files/files/lib/network/config.sh @@ -3,6 +3,12 @@ # DEBUG="echo" +do_sysctl() { + [ -n "$2" ] && \ + sysctl -n -e -w "$1=$2" >/dev/null || \ + sysctl -n -e "$1" +} + find_config() { local iftype device iface ifaces ifn for ifn in $interfaces; do @@ -164,14 +170,10 @@ prepare_interface() { local macaddr config_get macaddr "$config" macaddr [ -x /usr/sbin/brctl ] && { - # Remove IPv6 link local addr before adding the iface to the bridge - local llv6="$(ifconfig "$iface")" - case "$llv6" in - *fe80:*/64*) - llv6="${llv6#* fe80:}" - ifconfig "$iface" del "fe80:${llv6%% *}" - ;; - esac + # Disable IPv6 for bridge ports + do_sysctl net.ipv6.conf.$iface.disable_ipv6 1 + [ "${iface##wlan}" != "$iface" ] && \ + do_sysctl net.ipv6.conf.mon.$iface.disable_ipv6 1 ifconfig "br-$config" 2>/dev/null >/dev/null && { local newdevs devices @@ -411,6 +413,9 @@ unbridge() { for brdev in $(brctl show | awk '$2 ~ /^[0-9].*\./ { print $1 }'); do brctl delif "$brdev" "$dev" 2>/dev/null >/dev/null + do_sysctl net.ipv6.conf.$dev.disable_ipv6 0 + [ "${dev##wlan}" != "$dev" ] && \ + do_sysctl net.ipv6.conf.mon.$dev.disable_ipv6 0 done } } -- cgit v1.2.3