summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorYOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>2007-04-25 01:58:30 +0400
committerDavid S. Miller <davem@davemloft.net>2007-04-25 01:58:30 +0400
commit0bcbc92629044b5403719f77fb015e9005b1f504 (patch)
treeac9635a8ac7b14edcaa0e5ad42a5bc70f778ec33 /include
parent05d224468a273a9ee773a0e9d34227ee7f2c0840 (diff)
downloadlinux-0bcbc92629044b5403719f77fb015e9005b1f504.tar.xz
[IPV6]: Disallow RH0 by default.
A security issue is emerging. Disallow Routing Header Type 0 by default as we have been doing for IPv4. Note: We allow RH2 by default because it is harmless. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
-rw-r--r--include/linux/ipv6.h3
-rw-r--r--include/linux/sysctl.h1
2 files changed, 4 insertions, 0 deletions
diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h
index f8241130f5ea..713eb5eaa81f 100644
--- a/include/linux/ipv6.h
+++ b/include/linux/ipv6.h
@@ -177,6 +177,7 @@ struct ipv6_devconf {
#endif
#endif
__s32 proxy_ndp;
+ __s32 accept_source_route;
void *sysctl;
};
@@ -205,6 +206,8 @@ enum {
DEVCONF_RTR_PROBE_INTERVAL,
DEVCONF_ACCEPT_RA_RT_INFO_MAX_PLEN,
DEVCONF_PROXY_NDP,
+ __DEVCONF_OPTIMISTIC_DAD,
+ DEVCONF_ACCEPT_SOURCE_ROUTE,
DEVCONF_MAX
};
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
index 2c5fb38d9392..9a8970bf99a6 100644
--- a/include/linux/sysctl.h
+++ b/include/linux/sysctl.h
@@ -580,6 +580,7 @@ enum {
NET_IPV6_RTR_PROBE_INTERVAL=21,
NET_IPV6_ACCEPT_RA_RT_INFO_MAX_PLEN=22,
NET_IPV6_PROXY_NDP=23,
+ NET_IPV6_ACCEPT_SOURCE_ROUTE=25,
__NET_IPV6_MAX
};