lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Tue, 19 Jan 2010 13:21:04 -0500
From:	Brian Haley <brian.haley@...com>
To:	greg@...ellic.com
CC:	Neil Horman <nhorman@...driver.com>, netdev@...r.kernel.org,
	davem@...emloft.net
Subject: Re: Global IPV6 auto-configuration does not work as expected.

greg@...ellic.com wrote:
> On Jan 18,  3:17pm, Neil Horman wrote:
> } Subject: Re: Global IPV6 auto-configuration does not work as expected.
> 
> Hi Neil, thanks for the note.
> 
>>> The only way we have been able to disable the auto-configuration has
>>> been to explicitly disable it at the individual interface level with
>>> net.ipv6.conf.ethN.autoconf=0 directives.

If done after module load, then that's currently the only way to do it.

> The 'sysctl -p' command is issued by the rc.sysinit script very early
> in the boot process.  Long before the interfaces are actually
> 'upped'.  I'm assuming from your description that the:
> 
> net.ipv6.conf.default.autoconf 
> 
> If set to 0 before the network interfaces are configured should
> prevent auto-configuration from occuring.  I will re-test but I don't
> think that is happening.

I can confirm that this works correctly, for example if you set this to
zero then rmmod/modprobe one of your network drivers, you'll see it get
set correctly.

To fix your reported problem, I added a module parameter to control
the setting of autoconf at load time in June 2009
(see Documentation/networking/ipv6.txt).  Basically, just add this to
/etc/modprobe.conf:

	options ipv6 autoconf=0

Your distro might require it somewhere else.

> Also from your description I'm assuming the following:
> 
> net.ipv6.conf.all.autoconf=0
> 
> If set should globally turn off auto-configuration.

Actually, I don't think that's ever done that, the "all" settings only
affects some things, like forwarding, proxy_ndp, and disable_ipv6.

Even if the "all" setting did have control over this, if its setting was 0
and the device setting was 1, shouldn't the device setting override it?

Hope this helps,

-Brian
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ