From 4d38908bc99217cb534b417829769ccaa6e240c8 Mon Sep 17 00:00:00 2001 From: Bob Gilligan Date: Wed, 2 Dec 2009 16:43:36 -0800 Subject: Changes related to co-ordination between kernel parameters and radvd. First, we need to set the global IPv6 parameter under "all" when "disable-forwarding" is deleted because this is the parameter that actually controls whether the stack will forward IPv6 packets. Second, if router advertisements were configured while global IPv6 forwarding was disabled, we need to re-start the daemon when global IPv6 forwarding is re-enabled. --- templates/system/ipv6/disable-forwarding/node.def | 30 +++++++++++++++++------ 1 file changed, 23 insertions(+), 7 deletions(-) (limited to 'templates/system') diff --git a/templates/system/ipv6/disable-forwarding/node.def b/templates/system/ipv6/disable-forwarding/node.def index 2c8f4ac5..a029c81a 100644 --- a/templates/system/ipv6/disable-forwarding/node.def +++ b/templates/system/ipv6/disable-forwarding/node.def @@ -3,23 +3,39 @@ help: Disable IPv6 forwarding on all interfaces # Disable IPv6 forwarding for all interfaces we currently have, # and set default such that it will be disabled on any new interfaces # that come up after this. +# create: sudo sh -c "echo 0 > /proc/sys/net/ipv6/conf/all/forwarding" sudo sh -c "echo 0 > /proc/sys/net/ipv6/conf/default/forwarding" -# Re-enable IPv6 forwarding globally. But only enable it for those -# interfaces that do not have forwarding disabled on a per-interface -# basis. A per-interface flag file under /var/run/vyatta/ tells us if -# it is disabled. Restore default value so that any new interfaces -# that come up after this will have forwarding enabled. +# Re-enable IPv6 forwarding globally. But setting the global +# forwarding parameter under "all" has the side effect of setting the +# per-interface forwarding parameter for all interfaces. Users may +# disable forwarding per-interface, so we have to restore the state of +# the per-interface parameter here. A per-interface flag file under +# /var/run/vyatta/ tells us if forwarding is disabled on specific +# interfaces. Restore default value of the forwarding parameter under +# "default" so that any new interfaces that come up after this will +# have forwarding enabled. +# delete: + sudo sh -c "echo 1 > /proc/sys/net/ipv6/conf/all/forwarding" cd /proc/sys/net/ipv6/conf for i in * ; do if [ "$i" = "default" -o "$i" = "all" -o ! -d "$i" ]; then continue fi - if [ ! -e /var/run/vyatta/ipv6_no_fwd.$i ]; then - sudo sh -c "echo 1 > $i/forwarding" + if [ -e /var/run/vyatta/ipv6_no_fwd.$i ]; then + sudo sh -c "echo 0 > $i/forwarding" fi done sudo sh -c "echo 1 > /proc/sys/net/ipv6/conf/default/forwarding" + # + # If router advertisements were configured while global IPv6 + # forwarding was disabled, we will need to start the radvd daemon + # now. + running=`ps --no-headers -C radvd | wc -l` + if [ $running -eq 0 -a -e /etc/radvd.conf -a -x /etc/init.d/radvd ]; then + /etc/init.d/radvd start + fi + -- cgit v1.2.3