[netctl] Do not allow the kernel to try and be smarter than us

Message ID 20190207144908.GA19849@Mindship-03
State New
Headers show
Series
  • [netctl] Do not allow the kernel to try and be smarter than us
Related show

Commit Message

Eli Schwartz via arch-projects Feb. 7, 2019, 2:49 p.m. UTC
When accept_ra is set to 1, router advertisements are still ignored if
the interface is in forwarding mode. For such configurations, the
interface should have a static configuration and netctl already sets
accept_ra to 0. Setting it to 2 otherwise forces the kernel to accept
router advertisements regardless of the forwarding setting.
---
 src/lib/ip | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

Patch

diff --git a/src/lib/ip b/src/lib/ip
index 65057ab..e3f6a2f 100644
--- a/src/lib/ip
+++ b/src/lib/ip
@@ -50,13 +50,16 @@  ip_set() {
       dhcp|dhcp-noaddr|stateless|static)
         [[ -d "/proc/sys/net/ipv6" ]] || modprobe ipv6
         sysctl -q -w "net.ipv6.conf.$interface_sysctl.disable_ipv6=0"
-        [[ $IP6 == "static" ]]
-        sysctl -q -w "net.ipv6.conf.$interface_sysctl.accept_ra=$?"
+        if [[ $IP6 == "static" ]]; then
+            sysctl -q -w "net.ipv6.conf.$interface_sysctl.accept_ra=0"
+        else  # Accept router advertisements regardless of the forwarding setting
+            sysctl -q -w "net.ipv6.conf.$interface_sysctl.accept_ra=2"
+        fi
       ;;
       no)
         [[ -d "/proc/sys/net/ipv6" ]] && sysctl -q -w "net.ipv6.conf.$interface_sysctl.disable_ipv6=1"
       ;;
-      "")  # undefined IP6 does not prevent RA's from being received -> nop
+      "")  # Having IP6= unset does not prevent router advertisements from being received
       ;;
       *)
         report_error "IP6 must be 'dhcp', 'dhcp-noaddr', 'stateless', 'static' or 'no'"