diff options
| -rw-r--r-- | interface-definitions/system-ipv6.xml.in | 6 | ||||
| -rwxr-xr-x | src/conf_mode/system-ipv6.py | 16 | ||||
| -rwxr-xr-x | src/migration-scripts/system/13-to-14 | 40 |
3 files changed, 41 insertions, 21 deletions
diff --git a/interface-definitions/system-ipv6.xml.in b/interface-definitions/system-ipv6.xml.in index 623418100..47fbeb4e1 100644 --- a/interface-definitions/system-ipv6.xml.in +++ b/interface-definitions/system-ipv6.xml.in @@ -8,12 +8,6 @@ <priority>290</priority> </properties> <children> - <leafNode name="blacklist"> - <properties> - <help>Prevent IPv6 Kernel Module from being loaded</help> - <valueless/> - </properties> - </leafNode> <leafNode name="disable-forwarding"> <properties> <help>Disable IPv6 forwarding on all interfaces</help> diff --git a/src/conf_mode/system-ipv6.py b/src/conf_mode/system-ipv6.py index cfbbf80ee..bd28ec357 100755 --- a/src/conf_mode/system-ipv6.py +++ b/src/conf_mode/system-ipv6.py @@ -22,11 +22,9 @@ from copy import deepcopy from vyos.config import Config from vyos import ConfigError -ipv6_blacklist_file = '/etc/modprobe.d/vyos_blacklist_ipv6.conf' ipv6_disable_file = '/etc/modprobe.d/vyos_disable_ipv6.conf' default_config_data = { - 'blacklist': False, 'reboot_message': False, 'ipv6_forward': '1', 'disable_addr_assignment': False, @@ -44,10 +42,6 @@ def get_config(): conf = Config() conf.set_level('system ipv6') if conf.exists(''): - ip_opt['blacklist'] = conf.exists('blacklist') - if conf.exists_effective('blacklist') != conf.exists('blacklist'): - ip_opt['reboot_message'] = True - ip_opt['disable_addr_assignment'] = conf.exists('disable') if conf.exists_effective('disable') != conf.exists('disable'): ip_opt['reboot_message'] = True @@ -73,14 +67,6 @@ def generate(ip_opt): pass def apply(ip_opt): - # disable IPv6 kernel module - if ip_opt['blacklist']: - with open(ipv6_blacklist_file, 'w') as f: - f.write('blacklist ipv6') - else: - if os.path.exists(ipv6_blacklist_file): - os.unlink(ipv6_blacklist_file) - # disable IPv6 address assignment if ip_opt['disable_addr_assignment']: with open(ipv6_disable_file, 'w') as f: @@ -90,7 +76,7 @@ def apply(ip_opt): os.unlink(ipv6_disable_file) if ip_opt['reboot_message']: - print('Changing IPv6 blacklist/disable parameter will only take affect\n' \ + print('Changing IPv6 disable parameter will only take affect\n' \ 'when the system is rebooted.') # configure multipath diff --git a/src/migration-scripts/system/13-to-14 b/src/migration-scripts/system/13-to-14 new file mode 100755 index 000000000..c055dad1f --- /dev/null +++ b/src/migration-scripts/system/13-to-14 @@ -0,0 +1,40 @@ +#!/usr/bin/env python3 +# +# Delete 'system ipv6 blacklist' option as the IPv6 module can no longer be +# blacklisted as it is required by e.g. WireGuard and thus will always be +# loaded. + +import os +import sys + +ipv6_blacklist_file = '/etc/modprobe.d/vyatta_blacklist_ipv6.conf' + +from vyos.configtree import ConfigTree + +if (len(sys.argv) < 1): + print("Must specify file name!") + sys.exit(1) + +file_name = sys.argv[1] + +with open(file_name, 'r') as f: + config_file = f.read() + +config = ConfigTree(config_file) +ip_base = ['system', 'ipv6'] +if not config.exists(ip_base): + # Nothing to do + sys.exit(0) +else: + # delete 'system ipv6 blacklist' node + if config.exists(ip_base + ['blacklist']): + config.delete(ip_base + ['blacklist']) + if os.path.isfile(ipv6_blacklist_file): + os.unlink(ipv6_blacklist_file) + + try: + with open(file_name, 'w') as f: + f.write(config.to_string()) + except OSError as e: + print("Failed to save the modified config: {}".format(e)) + sys.exit(1) |