• David Ahern's avatar
    net ipv6: Prevent neighbor add if protocol is disabled on device · b8fb1ab4
    David Ahern authored
    Disabling IPv6 on an interface removes existing entries but nothing prevents
    new entries from being manually added. To that end, add a new neigh_table
    operation, allow_add, that is called on RTM_NEWNEIGH to see if neighbor
    entries are allowed on a given device. If IPv6 is disabled on the device,
    allow_add returns false and passes a message back to the user via extack.
    
      $ echo 1 > /proc/sys/net/ipv6/conf/eth1/disable_ipv6
      $ ip -6 neigh add fe80::4c88:bff:fe21:2704 dev eth1 lladdr de:ad:be:ef:01:01
      Error: IPv6 is disabled on this device.
    Signed-off-by: default avatarDavid Ahern <dsahern@gmail.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    b8fb1ab4
neighbour.c 91 KB