[IPV6]: Disallow RH0 by default.

A security issue is emerging. Disallow Routing Header Type 0 by default as we have been doing for IPv4. Note: We allow RH2 by default because it is harmless. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
author: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> 2007-04-24 17:58:30 -0400
committer: David S. Miller <davem@davemloft.net> 2007-04-24 17:58:30 -0400
commit: 0bcbc92629044b5403719f77fb015e9005b1f504 (patch)
tree: ac9635a8ac7b14edcaa0e5ad42a5bc70f778ec33 /include
parent: 05d224468a273a9ee773a0e9d34227ee7f2c0840 (diff)
2 files changed, 4 insertions, 0 deletions
diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h
index f8241130f5ea..713eb5eaa81f 100644
--- a/include/linux/ipv6.h
+++ b/include/linux/ipv6.h
@@ -177,6 +177,7 @@ struct ipv6_devconf {
 #endif
 #endif
        __s32           proxy_ndp;
+        __s32           accept_source_route;
        void            *sysctl;
 };
@@ -205,6 +206,8 @@ enum {
        DEVCONF_RTR_PROBE_INTERVAL,
        DEVCONF_ACCEPT_RA_RT_INFO_MAX_PLEN,
        DEVCONF_PROXY_NDP,
+        __DEVCONF_OPTIMISTIC_DAD,
+        DEVCONF_ACCEPT_SOURCE_ROUTE,
        DEVCONF_MAX
 };
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
index 2c5fb38d9392..9a8970bf99a6 100644
--- a/include/linux/sysctl.h
+++ b/include/linux/sysctl.h
@@ -580,6 +580,7 @@ enum {
        NET_IPV6_RTR_PROBE_INTERVAL=21,
        NET_IPV6_ACCEPT_RA_RT_INFO_MAX_PLEN=22,
        NET_IPV6_PROXY_NDP=23,
+        NET_IPV6_ACCEPT_SOURCE_ROUTE=25,
        __NET_IPV6_MAX
 };
author	YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>	2007-04-24 17:58:30 -0400
committer	David S. Miller <davem@davemloft.net>	2007-04-24 17:58:30 -0400
commit	0bcbc92629044b5403719f77fb015e9005b1f504 (patch)
tree	ac9635a8ac7b14edcaa0e5ad42a5bc70f778ec33 /include
parent	05d224468a273a9ee773a0e9d34227ee7f2c0840 (diff)