7bb6a775b1
efb6ca189641 base-files: /lib/functions.sh: ignore errors in insert_modules b5ba01a0d3f6 fstools: update to latest lede-17.01 branch a9b607740273 kernel: bump kernel 4.4 to 4.4.126 for 17.01 09d95e44fc3d mbedtls: change libmbedcrypto.so soversion back to 0 4673a0bffc89 kernel: mtd: bcm47xxpart: improve handling TRX partition size Also switch to the upstreamed version of "kernel: disable accept_ra by default".
33 lines
1.3 KiB
Diff
33 lines
1.3 KiB
Diff
From: Matthias Schiffer <mschiffer@universe-factory.net>
|
|
Date: Thu, 12 Apr 2018 22:14:56 +0200
|
|
Subject: kernel: disable accept_ra by default
|
|
|
|
Our commands setting accept_ra to 0 on all interfaces got lost in the
|
|
transition to procd. This remained unnoticed for a long time, as we also
|
|
enable forwarding on all interfaces, which prevents RA handling by default.
|
|
|
|
Restore the commands, while also fixing a possible race condition in the
|
|
old version.
|
|
|
|
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
|
|
|
diff --git a/package/base-files/files/etc/init.d/sysctl b/package/base-files/files/etc/init.d/sysctl
|
|
index 8722126a6612d67a3f615166a7fbec146207e97f..a236a0194b665ff56c8330930bfd44709d1b0d3d 100755
|
|
--- a/package/base-files/files/etc/init.d/sysctl
|
|
+++ b/package/base-files/files/etc/init.d/sysctl
|
|
@@ -26,6 +26,14 @@ apply_defaults() {
|
|
net.ipv6.ip6frag_high_thresh="$frag_high_thresh" \
|
|
net.netfilter.nf_conntrack_frag6_low_thresh="$frag_low_thresh" \
|
|
net.netfilter.nf_conntrack_frag6_high_thresh="$frag_high_thresh"
|
|
+
|
|
+ # first set default, then all interfaces to avoid races with appearing interfaces
|
|
+ if [ -d /proc/sys/net/ipv6/conf ]; then
|
|
+ echo 0 > /proc/sys/net/ipv6/conf/default/accept_ra
|
|
+ for iface in /proc/sys/net/ipv6/conf/*/accept_ra; do
|
|
+ echo 0 > "$iface"
|
|
+ done
|
|
+ fi
|
|
}
|
|
|
|
start() {
|