Configure sysctl values to IPv6 when applicable
This commit is contained in:
parent
787609a965
commit
a5ce838864
|
@ -7,6 +7,8 @@ and this project **does not adhere to [Semantic Versioning](http://semver.org/sp
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
|
* Configure sysctl values to IPv6 when applicable
|
||||||
|
|
||||||
### Deprecated
|
### Deprecated
|
||||||
|
|
||||||
### Removed
|
### Removed
|
||||||
|
|
10
minifirewall
10
minifirewall
|
@ -363,6 +363,7 @@ start() {
|
||||||
|
|
||||||
if [ "${SYSCTL_ICMP_ECHO_IGNORE_BROADCASTS}" = "1" ] || [ "${SYSCTL_ICMP_ECHO_IGNORE_BROADCASTS}" = "0" ]; then
|
if [ "${SYSCTL_ICMP_ECHO_IGNORE_BROADCASTS}" = "1" ] || [ "${SYSCTL_ICMP_ECHO_IGNORE_BROADCASTS}" = "0" ]; then
|
||||||
echo "${SYSCTL_ICMP_ECHO_IGNORE_BROADCASTS}" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
|
echo "${SYSCTL_ICMP_ECHO_IGNORE_BROADCASTS}" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
|
||||||
|
# Apparently not applicable to IPv6
|
||||||
else
|
else
|
||||||
printf "${RED}ERROR: invalid %s value '%s', must be '0' or '1'.\n" "SYSCTL_ICMP_ECHO_IGNORE_BROADCASTS" "${SYSCTL_ICMP_ECHO_IGNORE_BROADCASTS}" >&2
|
printf "${RED}ERROR: invalid %s value '%s', must be '0' or '1'.\n" "SYSCTL_ICMP_ECHO_IGNORE_BROADCASTS" "${SYSCTL_ICMP_ECHO_IGNORE_BROADCASTS}" >&2
|
||||||
exit 1
|
exit 1
|
||||||
|
@ -370,6 +371,7 @@ start() {
|
||||||
|
|
||||||
if [ "${SYSCTL_ICMP_IGNORE_BOGUS_ERROR_RESPONSES}" = "1" ] || [ "${SYSCTL_ICMP_IGNORE_BOGUS_ERROR_RESPONSES}" = "0" ]; then
|
if [ "${SYSCTL_ICMP_IGNORE_BOGUS_ERROR_RESPONSES}" = "1" ] || [ "${SYSCTL_ICMP_IGNORE_BOGUS_ERROR_RESPONSES}" = "0" ]; then
|
||||||
echo "${SYSCTL_ICMP_IGNORE_BOGUS_ERROR_RESPONSES}" > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
|
echo "${SYSCTL_ICMP_IGNORE_BOGUS_ERROR_RESPONSES}" > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
|
||||||
|
# Apparently not applicable to IPv6
|
||||||
else
|
else
|
||||||
printf "${RED}ERROR: invalid %s value '%s', must be '0' or '1'.\n" "SYSCTL_ICMP_IGNORE_BOGUS_ERROR_RESPONSES" "${SYSCTL_ICMP_IGNORE_BOGUS_ERROR_RESPONSES}" >&2
|
printf "${RED}ERROR: invalid %s value '%s', must be '0' or '1'.\n" "SYSCTL_ICMP_IGNORE_BOGUS_ERROR_RESPONSES" "${SYSCTL_ICMP_IGNORE_BOGUS_ERROR_RESPONSES}" >&2
|
||||||
exit 1
|
exit 1
|
||||||
|
@ -379,6 +381,11 @@ start() {
|
||||||
for proc_sys_file in /proc/sys/net/ipv4/conf/*/accept_source_route; do
|
for proc_sys_file in /proc/sys/net/ipv4/conf/*/accept_source_route; do
|
||||||
echo "${SYSCTL_ACCEPT_SOURCE_ROUTE}" > "${proc_sys_file}"
|
echo "${SYSCTL_ACCEPT_SOURCE_ROUTE}" > "${proc_sys_file}"
|
||||||
done
|
done
|
||||||
|
if is_ipv6_enabled; then
|
||||||
|
for proc_sys_file in /proc/sys/net/ipv6/conf/*/accept_source_route; do
|
||||||
|
echo "${SYSCTL_ACCEPT_SOURCE_ROUTE}" > "${proc_sys_file}"
|
||||||
|
done
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
printf "${RED}ERROR: invalid %s value '%s', must be '0' or '1'.\n" "SYSCTL_ACCEPT_SOURCE_ROUTE" "${SYSCTL_ACCEPT_SOURCE_ROUTE}" >&2
|
printf "${RED}ERROR: invalid %s value '%s', must be '0' or '1'.\n" "SYSCTL_ACCEPT_SOURCE_ROUTE" "${SYSCTL_ACCEPT_SOURCE_ROUTE}" >&2
|
||||||
exit 1
|
exit 1
|
||||||
|
@ -386,6 +393,7 @@ start() {
|
||||||
|
|
||||||
if [ "${SYSCTL_TCP_SYNCOOKIES}" = "1" ] || [ "${SYSCTL_TCP_SYNCOOKIES}" = "0" ]; then
|
if [ "${SYSCTL_TCP_SYNCOOKIES}" = "1" ] || [ "${SYSCTL_TCP_SYNCOOKIES}" = "0" ]; then
|
||||||
echo "${SYSCTL_TCP_SYNCOOKIES}" > /proc/sys/net/ipv4/tcp_syncookies
|
echo "${SYSCTL_TCP_SYNCOOKIES}" > /proc/sys/net/ipv4/tcp_syncookies
|
||||||
|
# Apparently not applicable to IPv6
|
||||||
else
|
else
|
||||||
printf "${RED}ERROR: invalid %s value '%s', must be '0' or '1'.\n" "SYSCTL_TCP_SYNCOOKIES" "${SYSCTL_TCP_SYNCOOKIES}" >&2
|
printf "${RED}ERROR: invalid %s value '%s', must be '0' or '1'.\n" "SYSCTL_TCP_SYNCOOKIES" "${SYSCTL_TCP_SYNCOOKIES}" >&2
|
||||||
exit 1
|
exit 1
|
||||||
|
@ -412,6 +420,7 @@ start() {
|
||||||
for proc_sys_file in /proc/sys/net/ipv4/conf/*/rp_filter; do
|
for proc_sys_file in /proc/sys/net/ipv4/conf/*/rp_filter; do
|
||||||
echo "${SYSCTL_RP_FILTER}" > "${proc_sys_file}"
|
echo "${SYSCTL_RP_FILTER}" > "${proc_sys_file}"
|
||||||
done
|
done
|
||||||
|
# Apparently not applicable to IPv6
|
||||||
else
|
else
|
||||||
printf "${RED}ERROR: invalid %s value '%s', must be '0' or '1'.\n" "SYSCTL_RP_FILTER" "${SYSCTL_RP_FILTER}" >&2
|
printf "${RED}ERROR: invalid %s value '%s', must be '0' or '1'.\n" "SYSCTL_RP_FILTER" "${SYSCTL_RP_FILTER}" >&2
|
||||||
exit 1
|
exit 1
|
||||||
|
@ -421,6 +430,7 @@ start() {
|
||||||
for proc_sys_file in /proc/sys/net/ipv4/conf/*/log_martians; do
|
for proc_sys_file in /proc/sys/net/ipv4/conf/*/log_martians; do
|
||||||
echo "${SYSCTL_LOG_MARTIANS}" > "${proc_sys_file}"
|
echo "${SYSCTL_LOG_MARTIANS}" > "${proc_sys_file}"
|
||||||
done
|
done
|
||||||
|
# Apparently not applicable to IPv6
|
||||||
else
|
else
|
||||||
printf "${RED}ERROR: invalid %s value '%s', must be '0' or '1'.\n" "SYSCTL_LOG_MARTIANS" "${SYSCTL_LOG_MARTIANS}" >&2
|
printf "${RED}ERROR: invalid %s value '%s', must be '0' or '1'.\n" "SYSCTL_LOG_MARTIANS" "${SYSCTL_LOG_MARTIANS}" >&2
|
||||||
exit 1
|
exit 1
|
||||||
|
|
Loading…
Reference in a new issue