[PATCH] IPV6: Disallow RH0 by default.

[IPV6]: Disallow RH0 by default. A security issue is emerging. Disallow Routing Header Type 0 by default as we have been doing for IPv4. Note: We allow RH2 by default because it is harmless. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
author: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> 2007-04-25 21:56:57 -0700
committer: Greg Kroah-Hartman <gregkh@suse.de> 2007-04-25 22:06:33 -0700
commit: 010831ab8436dfd9304b203467566fb6b135c24f (patch)
tree: 90171470f3ef79175872e3503ac11f301df2faed /include
parent: 2103bfb1fb0b1656bc4716b7c7f0d533761fab79 (diff)
2 files changed, 4 insertions, 0 deletions
diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h
index f8241130f5ea..713eb5eaa81f 100644
--- a/include/linux/ipv6.h
+++ b/include/linux/ipv6.h
@@ -177,6 +177,7 @@ struct ipv6_devconf {
 #endif
 #endif
 	__s32		proxy_ndp;
+	__s32		accept_source_route;
 	void		*sysctl;
 };
 
@@ -205,6 +206,8 @@ enum {
 	DEVCONF_RTR_PROBE_INTERVAL,
 	DEVCONF_ACCEPT_RA_RT_INFO_MAX_PLEN,
 	DEVCONF_PROXY_NDP,
+	__DEVCONF_OPTIMISTIC_DAD,
+	DEVCONF_ACCEPT_SOURCE_ROUTE,
 	DEVCONF_MAX
 };
 
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
index 81480e613467..6f34622997da 100644
--- a/include/linux/sysctl.h
+++ b/include/linux/sysctl.h
@@ -570,6 +570,7 @@ enum {
 	NET_IPV6_RTR_PROBE_INTERVAL=21,
 	NET_IPV6_ACCEPT_RA_RT_INFO_MAX_PLEN=22,
 	NET_IPV6_PROXY_NDP=23,
+	NET_IPV6_ACCEPT_SOURCE_ROUTE=25,
 	__NET_IPV6_MAX
 };
author	YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>	2007-04-25 21:56:57 -0700
committer	Greg Kroah-Hartman <gregkh@suse.de>	2007-04-25 22:06:33 -0700
commit	010831ab8436dfd9304b203467566fb6b135c24f (patch)
tree	90171470f3ef79175872e3503ac11f301df2faed /include
parent	2103bfb1fb0b1656bc4716b7c7f0d533761fab79 (diff)