diff options
| -rwxr-xr-x | scripts/rl-system.init | 22 | ||||
| -rw-r--r-- | sysconf/vyatta-sysctl.conf | 6 |
2 files changed, 28 insertions, 0 deletions
diff --git a/scripts/rl-system.init b/scripts/rl-system.init index 5a042c73..a568bfa7 100755 --- a/scripts/rl-system.init +++ b/scripts/rl-system.init @@ -134,6 +134,27 @@ create_ssh_host_keys () { fi; } +set_ipv6_params () +{ + # default values for ipv6 parameters do not take effect for interfaces at boot + # time, so copy over default values to their interface specific parameter + ipv6_params=(accept_source_route accept_redirects) + num_ipv6_params=${#ipv6_params[*]} + i=0 + while [ $i -lt $num_ipv6_params ]; do + default_val=`cat /proc/sys/net/ipv6/conf/default/${ipv6_params[$i]}` + array=(`ls /proc/sys/net/ipv6/conf/`) + array_len=${#array[*]} + j=0 + while [ $j -lt $array_len ]; do + sudo sh -c "echo $default_val > \ + /proc/sys/net/ipv6/conf/${array[$j]}/${ipv6_params[$i]}" + let j++ + done + let i++ + done +} + start () { udev_rescan create_ssh_host_keys || \ @@ -144,6 +165,7 @@ start () { log_failure_msg "can\'t add serial interfaces" sysctl -q -p /opt/vyatta/etc/vyatta-sysctl.conf || log_failure_msg "can\'t configure kernel settings" + set_ipv6_params update_version_info ## Clear out apt config file--it will be filled in by rtrmgr diff --git a/sysconf/vyatta-sysctl.conf b/sysconf/vyatta-sysctl.conf index f1265e3b..24dce03a 100644 --- a/sysconf/vyatta-sysctl.conf +++ b/sysconf/vyatta-sysctl.conf @@ -54,3 +54,9 @@ net.ipv4.conf.all.accept_source_route=0 # Enable send_redirects by default net.ipv4.conf.all.send_redirects=1 + +# Disable ipv6 accept_source_route by default +net.ipv6.conf.default.accept_source_route=-1 + +# Disable ipv6 accept_redirects by default +net.ipv6.conf.default.accept_redirects=0 |