Browse Source

Nuke net.inet6.icmp6.rediraccept and allow redirects on interfaces

with autoconf enabled.
If one is doing SLAAC one does already trust link local icmp6 so the
policy for icmp6 redirects should be the same.
pointed out by & OK bluhm@; OK henning@
OPENBSD_5_7
florian 10 years ago
parent
commit
4bbd9b7236
2 changed files with 2 additions and 4 deletions
  1. +1
    -2
      src/etc/examples/sysctl.conf
  2. +1
    -2
      src/etc/rc.conf

+ 1
- 2
src/etc/examples/sysctl.conf View File

@ -1,4 +1,4 @@
# $OpenBSD: sysctl.conf,v 1.2 2014/08/20 11:23:41 mikeb Exp $
# $OpenBSD: sysctl.conf,v 1.3 2014/08/27 14:04:15 florian Exp $
#
# This file contains a list of sysctl options the user wants set at
# boot time. See sysctl(3) and sysctl(8) for more information on
@ -8,7 +8,6 @@
#net.inet.ip.mforwarding=1 # 1=Permit forwarding (routing) of IPv4 multicast packets
#net.inet.ip.multipath=1 # 1=Enable IP multipath routing
#net.inet.icmp.rediraccept=1 # 1=Accept ICMP redirects
#net.inet6.icmp6.rediraccept=1 # 1=Accept IPv6 ICMP redirects (for hosts)
#net.inet6.ip6.forwarding=1 # 1=Permit forwarding (routing) of IPv6 packets
#net.inet6.ip6.mforwarding=1 # 1=Permit forwarding (routing) of IPv6 multicast packets
#net.inet6.ip6.multipath=1 # 1=Enable IPv6 multipath routing


+ 1
- 2
src/etc/rc.conf View File

@ -1,4 +1,4 @@
# $OpenBSD: rc.conf,v 1.197 2014/08/26 19:33:48 robert Exp $
# $OpenBSD: rc.conf,v 1.198 2014/08/27 14:04:15 florian Exp $
# DO NOT EDIT THIS FILE!!
#
@ -40,7 +40,6 @@ route6d_flags=NO # for normal use: ""
# be sure to set net.inet6.ip6.forwarding=1
rtsold_flags=NO # for normal use: interface
# be sure to set net.inet6.ip6.forwarding=0
# be sure to set net.inet6.icmp6.rediraccept=1
lpd_flags=NO # for normal use: "" (or "-l" for debugging)
sensorsd_flags=NO # for normal use: ""
hotplugd_flags=NO # for normal use: ""


Loading…
Cancel
Save