[IPV6]: ROUTE: Add accept_ra_defrtr sysctl.
YOSHIFUJI Hideaki [Tue, 21 Mar 2006 00:55:08 +0000 (16:55 -0800)]
This controls whether we accept default router information
in RAs.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

Documentation/networking/ip-sysctl.txt
include/linux/ipv6.h
include/linux/sysctl.h
net/ipv6/addrconf.c
net/ipv6/ndisc.c

index 26364d0..8001faa 100644 (file)
@@ -717,6 +717,12 @@ accept_ra - BOOLEAN
        Functional default: enabled if local forwarding is disabled.
                            disabled if local forwarding is enabled.
 
+accept_ra_defrtr - BOOLEAN
+       Learn default router in Router Advertisement.
+
+       Functional default: enabled if accept_ra is enabled.
+                           disabled if accept_ra is disabled.
+
 accept_redirects - BOOLEAN
        Accept Redirects.
 
index 9c8f4c9..c5131a0 100644 (file)
@@ -145,6 +145,7 @@ struct ipv6_devconf {
        __s32           max_desync_factor;
 #endif
        __s32           max_addresses;
+       __s32           accept_ra_defrtr;
        void            *sysctl;
 };
 
@@ -167,6 +168,7 @@ enum {
        DEVCONF_MAX_DESYNC_FACTOR,
        DEVCONF_MAX_ADDRESSES,
        DEVCONF_FORCE_MLD_VERSION,
+       DEVCONF_ACCEPT_RA_DEFRTR,
        DEVCONF_MAX
 };
 
index bac61db..0f49413 100644 (file)
@@ -531,6 +531,7 @@ enum {
        NET_IPV6_MAX_DESYNC_FACTOR=15,
        NET_IPV6_MAX_ADDRESSES=16,
        NET_IPV6_FORCE_MLD_VERSION=17,
+       NET_IPV6_ACCEPT_RA_DEFRTR=18,
        __NET_IPV6_MAX
 };
 
index 8a8895e..fbcdcc6 100644 (file)
@@ -165,6 +165,7 @@ struct ipv6_devconf ipv6_devconf = {
        .max_desync_factor      = MAX_DESYNC_FACTOR,
 #endif
        .max_addresses          = IPV6_MAX_ADDRESSES,
+       .accept_ra_defrtr       = 1,
 };
 
 static struct ipv6_devconf ipv6_devconf_dflt = {
@@ -186,6 +187,7 @@ static struct ipv6_devconf ipv6_devconf_dflt = {
        .max_desync_factor      = MAX_DESYNC_FACTOR,
 #endif
        .max_addresses          = IPV6_MAX_ADDRESSES,
+       .accept_ra_defrtr       = 1,
 };
 
 /* IPv6 Wildcard Address and Loopback Address defined by RFC2553 */
@@ -3116,6 +3118,7 @@ static void inline ipv6_store_devconf(struct ipv6_devconf *cnf,
        array[DEVCONF_MAX_DESYNC_FACTOR] = cnf->max_desync_factor;
 #endif
        array[DEVCONF_MAX_ADDRESSES] = cnf->max_addresses;
+       array[DEVCONF_ACCEPT_RA_DEFRTR] = cnf->accept_ra_defrtr;
 }
 
 static int inet6_fill_ifinfo(struct sk_buff *skb, struct inet6_dev *idev, 
@@ -3569,6 +3572,14 @@ static struct addrconf_sysctl_table
                        .proc_handler   =       &proc_dointvec,
                },
                {
+                       .ctl_name       =       NET_IPV6_ACCEPT_RA_DEFRTR,
+                       .procname       =       "accept_ra_defrtr",
+                       .data           =       &ipv6_devconf.accept_ra_defrtr,
+                       .maxlen         =       sizeof(int),
+                       .mode           =       0644,
+                       .proc_handler   =       &proc_dointvec,
+               },
+               {
                        .ctl_name       =       0,      /* sentinel */
                }
        },
index cb8856b..e171167 100644 (file)
@@ -1019,7 +1019,7 @@ static void ndisc_router_discovery(struct sk_buff *skb)
         struct ra_msg *ra_msg = (struct ra_msg *) skb->h.raw;
        struct neighbour *neigh = NULL;
        struct inet6_dev *in6_dev;
-       struct rt6_info *rt;
+       struct rt6_info *rt = NULL;
        int lifetime;
        struct ndisc_options ndopts;
        int optlen;
@@ -1081,6 +1081,9 @@ static void ndisc_router_discovery(struct sk_buff *skb)
                                (ra_msg->icmph.icmp6_addrconf_other ?
                                        IF_RA_OTHERCONF : 0);
 
+       if (!in6_dev->cnf.accept_ra_defrtr)
+               goto skip_defrtr;
+
        lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
 
        rt = rt6_get_dflt_router(&skb->nh.ipv6h->saddr, skb->dev);
@@ -1128,6 +1131,8 @@ static void ndisc_router_discovery(struct sk_buff *skb)
                        rt->u.dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit;
        }
 
+skip_defrtr:
+
        /*
         *      Update Reachable Time and Retrans Timer
         */