summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-03-25 18:56:06 +0100
committerChristian Poessinger <christian@poessinger.com>2022-03-25 18:56:06 +0100
commitf8b3d8999cbea988ce8e7d303957558308ddc1bc (patch)
tree53afd5e6b1cbaab93a26078874802f304358f7f4
parent1b16a4eab926462c0d2752d698bedf28c995058d (diff)
downloadvyos-1x-f8b3d8999cbea988ce8e7d303957558308ddc1bc.tar.gz
vyos-1x-f8b3d8999cbea988ce8e7d303957558308ddc1bc.zip
ipv6: T4319: do not configure IPv6 related settings if it's disabled
-rwxr-xr-xpython/vyos/ifconfig/interface.py93
1 files changed, 48 insertions, 45 deletions
diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py
index 8c5ff576e..8ce851cdb 100755
--- a/python/vyos/ifconfig/interface.py
+++ b/python/vyos/ifconfig/interface.py
@@ -39,6 +39,7 @@ from vyos.util import read_file
from vyos.util import get_interface_config
from vyos.util import get_interface_namespace
from vyos.util import is_systemd_service_active
+from vyos.util import sysctl_read
from vyos.template import is_ipv4
from vyos.template import is_ipv6
from vyos.validate import is_intf_addr_assigned
@@ -1448,11 +1449,6 @@ class Interface(Control):
value = tmp if (tmp != None) else '0'
self.set_tcp_ipv4_mss(value)
- # Configure MSS value for IPv6 TCP connections
- tmp = dict_search('ipv6.adjust_mss', config)
- value = tmp if (tmp != None) else '0'
- self.set_tcp_ipv6_mss(value)
-
# Configure ARP cache timeout in milliseconds - has default value
tmp = dict_search('ip.arp_cache_timeout', config)
value = tmp if (tmp != None) else '30'
@@ -1498,47 +1494,54 @@ class Interface(Control):
value = tmp if (tmp != None) else '0'
self.set_ipv4_source_validation(value)
- # IPv6 forwarding
- tmp = dict_search('ipv6.disable_forwarding', config)
- value = '0' if (tmp != None) else '1'
- self.set_ipv6_forwarding(value)
-
- # IPv6 router advertisements
- tmp = dict_search('ipv6.address.autoconf', config)
- value = '2' if (tmp != None) else '1'
- if 'dhcpv6' in new_addr:
- value = '2'
- self.set_ipv6_accept_ra(value)
-
- # IPv6 address autoconfiguration
- tmp = dict_search('ipv6.address.autoconf', config)
- value = '1' if (tmp != None) else '0'
- self.set_ipv6_autoconf(value)
-
- # IPv6 Duplicate Address Detection (DAD) tries
- tmp = dict_search('ipv6.dup_addr_detect_transmits', config)
- value = tmp if (tmp != None) else '1'
- self.set_ipv6_dad_messages(value)
-
- # MTU - Maximum Transfer Unit
- if 'mtu' in config:
- self.set_mtu(config.get('mtu'))
-
- # Delete old IPv6 EUI64 addresses before changing MAC
- for addr in (dict_search('ipv6.address.eui64_old', config) or []):
- self.del_ipv6_eui64_address(addr)
-
- # Manage IPv6 link-local addresses
- if dict_search('ipv6.address.no_default_link_local', config) != None:
- self.del_ipv6_eui64_address('fe80::/64')
- else:
- self.add_ipv6_eui64_address('fe80::/64')
+ # Only change IPv6 parameters if IPv6 was not explicitly disabled
+ if sysctl_read('net.ipv6.conf.all.disable_ipv6') == '0':
+ # Configure MSS value for IPv6 TCP connections
+ tmp = dict_search('ipv6.adjust_mss', config)
+ value = tmp if (tmp != None) else '0'
+ self.set_tcp_ipv6_mss(value)
+
+ # IPv6 forwarding
+ tmp = dict_search('ipv6.disable_forwarding', config)
+ value = '0' if (tmp != None) else '1'
+ self.set_ipv6_forwarding(value)
+
+ # IPv6 router advertisements
+ tmp = dict_search('ipv6.address.autoconf', config)
+ value = '2' if (tmp != None) else '1'
+ if 'dhcpv6' in new_addr:
+ value = '2'
+ self.set_ipv6_accept_ra(value)
+
+ # IPv6 address autoconfiguration
+ tmp = dict_search('ipv6.address.autoconf', config)
+ value = '1' if (tmp != None) else '0'
+ self.set_ipv6_autoconf(value)
+
+ # IPv6 Duplicate Address Detection (DAD) tries
+ tmp = dict_search('ipv6.dup_addr_detect_transmits', config)
+ value = tmp if (tmp != None) else '1'
+ self.set_ipv6_dad_messages(value)
+
+ # MTU - Maximum Transfer Unit
+ if 'mtu' in config:
+ self.set_mtu(config.get('mtu'))
+
+ # Delete old IPv6 EUI64 addresses before changing MAC
+ for addr in (dict_search('ipv6.address.eui64_old', config) or []):
+ self.del_ipv6_eui64_address(addr)
+
+ # Manage IPv6 link-local addresses
+ if dict_search('ipv6.address.no_default_link_local', config) != None:
+ self.del_ipv6_eui64_address('fe80::/64')
+ else:
+ self.add_ipv6_eui64_address('fe80::/64')
- # Add IPv6 EUI-based addresses
- tmp = dict_search('ipv6.address.eui64', config)
- if tmp:
- for addr in tmp:
- self.add_ipv6_eui64_address(addr)
+ # Add IPv6 EUI-based addresses
+ tmp = dict_search('ipv6.address.eui64', config)
+ if tmp:
+ for addr in tmp:
+ self.add_ipv6_eui64_address(addr)
# re-add ourselves to any bridge we might have fallen out of
if 'is_bridge_member' in config: