lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <49CA4D86.4070403@hp.com>
Date:	Wed, 25 Mar 2009 11:28:06 -0400
From:	Brian Haley <brian.haley@...com>
To:	Kolbjørn Barmen <linux@...la.no>
Cc:	Vlad Yasevich <vladislav.yasevich@...com>, davem@...emloft.net,
	yoshfuji@...ux-ipv6.org, netdev@...r.kernel.org
Subject: Re: [PATCH] IPv6: Add 'autoconf' and 'disable_ipv6' module parameters

Kolbjørn Barmen wrote:
> On Tue, 24 Mar 2009, Vlad Yasevich wrote:
> 
>> Brian Haley wrote:
>>> This is the quick and easy patch to add autoconf and
>>> disable_ipv6 module parameters to IPv6.  I don't think anything
>>> more complicated is needed, assuming you play with the /etc
>>> configuration files.
>>>
>>> For example, if you wanted to enable IPv6 just on 'lo' you
>>> would:
>>>
>>> 1. Add "ipv6" to /etc/modules (if you don't, step #3 might fail)
>>>
>>> 2. Add this to /etc/modprobe.conf:
>>>
>>> 	options ipv6 disable_ipv6=1
>>>
>>> 3. Add these to /etc/sysctl.conf:
>>>
>>> 	net.ipv6.conf.all.disable_ipv6=0
>>> 	net.ipv6.conf.lo.disable_ipv6=0
>> This is kind of confusing.  First you say, disable IPv6, then you say enable IPv6, but
>> nothing happens.  Unless you typo-ed the 'all.disable_ipv6 = 0'...
> 
> I bet that should have been "net.ipv6.conf.all.disable_ipv6=1" yes. :)

No, the module parameter disabled it, but we need to re-enable the 
.all.disable_ipv6 knob in order for lo to be able to configure itself. 
If I follow Vlad's advice of only setting the .default knob then you 
won't have to do this.

>> Also, it looks like if someone decides to switch IPv6 back on for a particular
>> interface, they would have to wait until the next RA to get an address.  Not an
>> optimum solution.
> 
> Isnt this the normal way anyways, or do new interfaces send some sort of
> "I'm new here, give me a prefix and router announcement, please!" normally
> when they go online? If so, maybe that should be done here as well.

I'll see about putting in a callback to send a router solicitation.  But 
on the flip side if someone changes eth0.disable_ipv6=0 to 1, we won't 
be removing the address either.  An ifdown/ifup cycle would remove the 
need for us to do anything here.

-Brian
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ