summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorYOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>2006-03-21 03:55:08 +0300
committerDavid S. Miller <davem@davemloft.net>2006-03-21 03:55:08 +0300
commit65f5c7c1143fb8eed5bc7e7d8c926346e00fe3c0 (patch)
treefb61c9f73577a7fec29b11039d1434b972796d8b
parent073a8e0e154c1c440e0b33aaa887473d5cc843f4 (diff)
downloadlinux-65f5c7c1143fb8eed5bc7e7d8c926346e00fe3c0.tar.xz
[IPV6]: ROUTE: Add accept_ra_defrtr sysctl.
This controls whether we accept default router information in RAs. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--Documentation/networking/ip-sysctl.txt6
-rw-r--r--include/linux/ipv6.h2
-rw-r--r--include/linux/sysctl.h1
-rw-r--r--net/ipv6/addrconf.c11
-rw-r--r--net/ipv6/ndisc.c7
5 files changed, 26 insertions, 1 deletions
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt
index 26364d06ae92..8001faa76ea2 100644
--- a/Documentation/networking/ip-sysctl.txt
+++ b/Documentation/networking/ip-sysctl.txt
@@ -717,6 +717,12 @@ accept_ra - BOOLEAN
Functional default: enabled if local forwarding is disabled.
disabled if local forwarding is enabled.
+accept_ra_defrtr - BOOLEAN
+ Learn default router in Router Advertisement.
+
+ Functional default: enabled if accept_ra is enabled.
+ disabled if accept_ra is disabled.
+
accept_redirects - BOOLEAN
Accept Redirects.
diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h
index 9c8f4c9ed429..c5131a02869a 100644
--- a/include/linux/ipv6.h
+++ b/include/linux/ipv6.h
@@ -145,6 +145,7 @@ struct ipv6_devconf {
__s32 max_desync_factor;
#endif
__s32 max_addresses;
+ __s32 accept_ra_defrtr;
void *sysctl;
};
@@ -167,6 +168,7 @@ enum {
DEVCONF_MAX_DESYNC_FACTOR,
DEVCONF_MAX_ADDRESSES,
DEVCONF_FORCE_MLD_VERSION,
+ DEVCONF_ACCEPT_RA_DEFRTR,
DEVCONF_MAX
};
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
index bac61db26456..0f494137d037 100644
--- a/include/linux/sysctl.h
+++ b/include/linux/sysctl.h
@@ -531,6 +531,7 @@ enum {
NET_IPV6_MAX_DESYNC_FACTOR=15,
NET_IPV6_MAX_ADDRESSES=16,
NET_IPV6_FORCE_MLD_VERSION=17,
+ NET_IPV6_ACCEPT_RA_DEFRTR=18,
__NET_IPV6_MAX
};
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 8a8895ef09a7..fbcdcc6ba93b 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -165,6 +165,7 @@ struct ipv6_devconf ipv6_devconf = {
.max_desync_factor = MAX_DESYNC_FACTOR,
#endif
.max_addresses = IPV6_MAX_ADDRESSES,
+ .accept_ra_defrtr = 1,
};
static struct ipv6_devconf ipv6_devconf_dflt = {
@@ -186,6 +187,7 @@ static struct ipv6_devconf ipv6_devconf_dflt = {
.max_desync_factor = MAX_DESYNC_FACTOR,
#endif
.max_addresses = IPV6_MAX_ADDRESSES,
+ .accept_ra_defrtr = 1,
};
/* IPv6 Wildcard Address and Loopback Address defined by RFC2553 */
@@ -3116,6 +3118,7 @@ static void inline ipv6_store_devconf(struct ipv6_devconf *cnf,
array[DEVCONF_MAX_DESYNC_FACTOR] = cnf->max_desync_factor;
#endif
array[DEVCONF_MAX_ADDRESSES] = cnf->max_addresses;
+ array[DEVCONF_ACCEPT_RA_DEFRTR] = cnf->accept_ra_defrtr;
}
static int inet6_fill_ifinfo(struct sk_buff *skb, struct inet6_dev *idev,
@@ -3569,6 +3572,14 @@ static struct addrconf_sysctl_table
.proc_handler = &proc_dointvec,
},
{
+ .ctl_name = NET_IPV6_ACCEPT_RA_DEFRTR,
+ .procname = "accept_ra_defrtr",
+ .data = &ipv6_devconf.accept_ra_defrtr,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec,
+ },
+ {
.ctl_name = 0, /* sentinel */
}
},
diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c
index cb8856b1d951..e17116796059 100644
--- a/net/ipv6/ndisc.c
+++ b/net/ipv6/ndisc.c
@@ -1019,7 +1019,7 @@ static void ndisc_router_discovery(struct sk_buff *skb)
struct ra_msg *ra_msg = (struct ra_msg *) skb->h.raw;
struct neighbour *neigh = NULL;
struct inet6_dev *in6_dev;
- struct rt6_info *rt;
+ struct rt6_info *rt = NULL;
int lifetime;
struct ndisc_options ndopts;
int optlen;
@@ -1081,6 +1081,9 @@ static void ndisc_router_discovery(struct sk_buff *skb)
(ra_msg->icmph.icmp6_addrconf_other ?
IF_RA_OTHERCONF : 0);
+ if (!in6_dev->cnf.accept_ra_defrtr)
+ goto skip_defrtr;
+
lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
rt = rt6_get_dflt_router(&skb->nh.ipv6h->saddr, skb->dev);
@@ -1128,6 +1131,8 @@ static void ndisc_router_discovery(struct sk_buff *skb)
rt->u.dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit;
}
+skip_defrtr:
+
/*
* Update Reachable Time and Retrans Timer
*/