Hi,
Hangbin Liu wrote:
> Commit 6fd99094de2b ("ipv6: Don't reduce hop limit for an interface")
> disabled accept hop limit from RA if it is higher than the current hop
> limit for security stuff. But this behavior kind of break the RFC definition.
>
> RFC 4861, 6.3.4. Processing Received Router Advertisements
> If the received Cur Hop Limit value is non-zero, the host SHOULD set
> its CurHopLimit variable to the received value.
>
> So add sysctl option accept_ra_hop_limit to let user choose whether accept
> hop limit info in RA.
>
> Signed-off-by: Hangbin Liu <[email protected]>
> Acked-by: Hannes Frederic Sowa <[email protected]>
> ---
> Documentation/networking/ip-sysctl.txt | 11 +++++++++++
> include/linux/ipv6.h | 1 +
> include/uapi/linux/ipv6.h | 1 +
> net/ipv6/addrconf.c | 10 ++++++++++
> net/ipv6/ndisc.c | 17 +++++++++++------
> 5 files changed, 34 insertions(+), 6 deletions(-)
>
:
> diff --git a/include/uapi/linux/ipv6.h b/include/uapi/linux/ipv6.h
> index 5efa54a..9f40ac9 100644
> --- a/include/uapi/linux/ipv6.h
> +++ b/include/uapi/linux/ipv6.h
> @@ -153,6 +153,7 @@ enum {
> DEVCONF_FORCE_MLD_VERSION,
> DEVCONF_ACCEPT_RA_DEFRTR,
> DEVCONF_ACCEPT_RA_PINFO,
> + DEVCONF_ACCEPT_RA_HOP_LIMIT,
> DEVCONF_ACCEPT_RA_RTR_PREF,
> DEVCONF_RTR_PROBE_INTERVAL,
> DEVCONF_ACCEPT_RA_RT_INFO_MAX_PLEN,
No, you cannot add new one in the middle of these since
values are exported to userspace.
--yoshfuji
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
