summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBob Gilligan <gilligan@vyatta.com>2009-12-02 16:43:36 -0800
committerBob Gilligan <gilligan@vyatta.com>2009-12-02 16:43:36 -0800
commit4d38908bc99217cb534b417829769ccaa6e240c8 (patch)
tree0e8a71d076fcf904d47ed5565a0085c6d90e3988
parent249f7eae3d1374e8e22e35113c89fc32eacdbf91 (diff)
downloadvyatta-cfg-system-4d38908bc99217cb534b417829769ccaa6e240c8.tar.gz
vyatta-cfg-system-4d38908bc99217cb534b417829769ccaa6e240c8.zip
Changes related to co-ordination between kernel parameters and radvd.
First, we need to set the global IPv6 parameter under "all" when "disable-forwarding" is deleted because this is the parameter that actually controls whether the stack will forward IPv6 packets. Second, if router advertisements were configured while global IPv6 forwarding was disabled, we need to re-start the daemon when global IPv6 forwarding is re-enabled.
-rw-r--r--templates/system/ipv6/disable-forwarding/node.def30
1 files changed, 23 insertions, 7 deletions
diff --git a/templates/system/ipv6/disable-forwarding/node.def b/templates/system/ipv6/disable-forwarding/node.def
index 2c8f4ac5..a029c81a 100644
--- a/templates/system/ipv6/disable-forwarding/node.def
+++ b/templates/system/ipv6/disable-forwarding/node.def
@@ -3,23 +3,39 @@ help: Disable IPv6 forwarding on all interfaces
# Disable IPv6 forwarding for all interfaces we currently have,
# and set default such that it will be disabled on any new interfaces
# that come up after this.
+#
create:
sudo sh -c "echo 0 > /proc/sys/net/ipv6/conf/all/forwarding"
sudo sh -c "echo 0 > /proc/sys/net/ipv6/conf/default/forwarding"
-# Re-enable IPv6 forwarding globally. But only enable it for those
-# interfaces that do not have forwarding disabled on a per-interface
-# basis. A per-interface flag file under /var/run/vyatta/ tells us if
-# it is disabled. Restore default value so that any new interfaces
-# that come up after this will have forwarding enabled.
+# Re-enable IPv6 forwarding globally. But setting the global
+# forwarding parameter under "all" has the side effect of setting the
+# per-interface forwarding parameter for all interfaces. Users may
+# disable forwarding per-interface, so we have to restore the state of
+# the per-interface parameter here. A per-interface flag file under
+# /var/run/vyatta/ tells us if forwarding is disabled on specific
+# interfaces. Restore default value of the forwarding parameter under
+# "default" so that any new interfaces that come up after this will
+# have forwarding enabled.
+#
delete:
+ sudo sh -c "echo 1 > /proc/sys/net/ipv6/conf/all/forwarding"
cd /proc/sys/net/ipv6/conf
for i in * ; do
if [ "$i" = "default" -o "$i" = "all" -o ! -d "$i" ]; then
continue
fi
- if [ ! -e /var/run/vyatta/ipv6_no_fwd.$i ]; then
- sudo sh -c "echo 1 > $i/forwarding"
+ if [ -e /var/run/vyatta/ipv6_no_fwd.$i ]; then
+ sudo sh -c "echo 0 > $i/forwarding"
fi
done
sudo sh -c "echo 1 > /proc/sys/net/ipv6/conf/default/forwarding"
+ #
+ # If router advertisements were configured while global IPv6
+ # forwarding was disabled, we will need to start the radvd daemon
+ # now.
+ running=`ps --no-headers -C radvd | wc -l`
+ if [ $running -eq 0 -a -e /etc/radvd.conf -a -x /etc/init.d/radvd ]; then
+ /etc/init.d/radvd start
+ fi
+