Commit 65f5c7c1 authored by YOSHIFUJI Hideaki's avatar YOSHIFUJI Hideaki Committed by David S. Miller

[IPV6]: ROUTE: Add accept_ra_defrtr sysctl.

This controls whether we accept default router information
in RAs.
Signed-off-by: default avatarYOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 073a8e0e
...@@ -717,6 +717,12 @@ accept_ra - BOOLEAN ...@@ -717,6 +717,12 @@ accept_ra - BOOLEAN
Functional default: enabled if local forwarding is disabled. Functional default: enabled if local forwarding is disabled.
disabled if local forwarding is enabled. disabled if local forwarding is enabled.
accept_ra_defrtr - BOOLEAN
Learn default router in Router Advertisement.
Functional default: enabled if accept_ra is enabled.
disabled if accept_ra is disabled.
accept_redirects - BOOLEAN accept_redirects - BOOLEAN
Accept Redirects. Accept Redirects.
......
...@@ -145,6 +145,7 @@ struct ipv6_devconf { ...@@ -145,6 +145,7 @@ struct ipv6_devconf {
__s32 max_desync_factor; __s32 max_desync_factor;
#endif #endif
__s32 max_addresses; __s32 max_addresses;
__s32 accept_ra_defrtr;
void *sysctl; void *sysctl;
}; };
...@@ -167,6 +168,7 @@ enum { ...@@ -167,6 +168,7 @@ enum {
DEVCONF_MAX_DESYNC_FACTOR, DEVCONF_MAX_DESYNC_FACTOR,
DEVCONF_MAX_ADDRESSES, DEVCONF_MAX_ADDRESSES,
DEVCONF_FORCE_MLD_VERSION, DEVCONF_FORCE_MLD_VERSION,
DEVCONF_ACCEPT_RA_DEFRTR,
DEVCONF_MAX DEVCONF_MAX
}; };
......
...@@ -531,6 +531,7 @@ enum { ...@@ -531,6 +531,7 @@ enum {
NET_IPV6_MAX_DESYNC_FACTOR=15, NET_IPV6_MAX_DESYNC_FACTOR=15,
NET_IPV6_MAX_ADDRESSES=16, NET_IPV6_MAX_ADDRESSES=16,
NET_IPV6_FORCE_MLD_VERSION=17, NET_IPV6_FORCE_MLD_VERSION=17,
NET_IPV6_ACCEPT_RA_DEFRTR=18,
__NET_IPV6_MAX __NET_IPV6_MAX
}; };
......
...@@ -165,6 +165,7 @@ struct ipv6_devconf ipv6_devconf = { ...@@ -165,6 +165,7 @@ struct ipv6_devconf ipv6_devconf = {
.max_desync_factor = MAX_DESYNC_FACTOR, .max_desync_factor = MAX_DESYNC_FACTOR,
#endif #endif
.max_addresses = IPV6_MAX_ADDRESSES, .max_addresses = IPV6_MAX_ADDRESSES,
.accept_ra_defrtr = 1,
}; };
static struct ipv6_devconf ipv6_devconf_dflt = { static struct ipv6_devconf ipv6_devconf_dflt = {
...@@ -186,6 +187,7 @@ static struct ipv6_devconf ipv6_devconf_dflt = { ...@@ -186,6 +187,7 @@ static struct ipv6_devconf ipv6_devconf_dflt = {
.max_desync_factor = MAX_DESYNC_FACTOR, .max_desync_factor = MAX_DESYNC_FACTOR,
#endif #endif
.max_addresses = IPV6_MAX_ADDRESSES, .max_addresses = IPV6_MAX_ADDRESSES,
.accept_ra_defrtr = 1,
}; };
/* IPv6 Wildcard Address and Loopback Address defined by RFC2553 */ /* IPv6 Wildcard Address and Loopback Address defined by RFC2553 */
...@@ -3116,6 +3118,7 @@ static void inline ipv6_store_devconf(struct ipv6_devconf *cnf, ...@@ -3116,6 +3118,7 @@ static void inline ipv6_store_devconf(struct ipv6_devconf *cnf,
array[DEVCONF_MAX_DESYNC_FACTOR] = cnf->max_desync_factor; array[DEVCONF_MAX_DESYNC_FACTOR] = cnf->max_desync_factor;
#endif #endif
array[DEVCONF_MAX_ADDRESSES] = cnf->max_addresses; array[DEVCONF_MAX_ADDRESSES] = cnf->max_addresses;
array[DEVCONF_ACCEPT_RA_DEFRTR] = cnf->accept_ra_defrtr;
} }
static int inet6_fill_ifinfo(struct sk_buff *skb, struct inet6_dev *idev, static int inet6_fill_ifinfo(struct sk_buff *skb, struct inet6_dev *idev,
...@@ -3568,6 +3571,14 @@ static struct addrconf_sysctl_table ...@@ -3568,6 +3571,14 @@ static struct addrconf_sysctl_table
.mode = 0644, .mode = 0644,
.proc_handler = &proc_dointvec, .proc_handler = &proc_dointvec,
}, },
{
.ctl_name = NET_IPV6_ACCEPT_RA_DEFRTR,
.procname = "accept_ra_defrtr",
.data = &ipv6_devconf.accept_ra_defrtr,
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec,
},
{ {
.ctl_name = 0, /* sentinel */ .ctl_name = 0, /* sentinel */
} }
......
...@@ -1019,7 +1019,7 @@ static void ndisc_router_discovery(struct sk_buff *skb) ...@@ -1019,7 +1019,7 @@ static void ndisc_router_discovery(struct sk_buff *skb)
struct ra_msg *ra_msg = (struct ra_msg *) skb->h.raw; struct ra_msg *ra_msg = (struct ra_msg *) skb->h.raw;
struct neighbour *neigh = NULL; struct neighbour *neigh = NULL;
struct inet6_dev *in6_dev; struct inet6_dev *in6_dev;
struct rt6_info *rt; struct rt6_info *rt = NULL;
int lifetime; int lifetime;
struct ndisc_options ndopts; struct ndisc_options ndopts;
int optlen; int optlen;
...@@ -1081,6 +1081,9 @@ static void ndisc_router_discovery(struct sk_buff *skb) ...@@ -1081,6 +1081,9 @@ static void ndisc_router_discovery(struct sk_buff *skb)
(ra_msg->icmph.icmp6_addrconf_other ? (ra_msg->icmph.icmp6_addrconf_other ?
IF_RA_OTHERCONF : 0); IF_RA_OTHERCONF : 0);
if (!in6_dev->cnf.accept_ra_defrtr)
goto skip_defrtr;
lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime); lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
rt = rt6_get_dflt_router(&skb->nh.ipv6h->saddr, skb->dev); rt = rt6_get_dflt_router(&skb->nh.ipv6h->saddr, skb->dev);
...@@ -1128,6 +1131,8 @@ static void ndisc_router_discovery(struct sk_buff *skb) ...@@ -1128,6 +1131,8 @@ static void ndisc_router_discovery(struct sk_buff *skb)
rt->u.dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit; rt->u.dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit;
} }
skip_defrtr:
/* /*
* Update Reachable Time and Retrans Timer * Update Reachable Time and Retrans Timer
*/ */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment