Turns out the /all/ sysctl is a no-op.
--- /dev/null
+#!/bin/sh
+
+set -e
+
+[ "$IFACE" != "lo" ] || exit 0
+[ "$IFACE" != "--all" ] || exit 0
+
+if [ -z "$IFACE" ]; then
+ echo "no interface specified" >&2
+ exit 1
+fi
+
+if [ ! -d /proc/sys/net/ipv6/conf/$IFACE ]; then
+ echo "specified interface does not exist in /proc/sys/net/ipv6/conf/" >&2
+ exit 1
+fi
+
+echo 0 > /procy/sys/net/ipv6/conf/$IFACE/accept_ra
}
# our ipv6 addresses and routes are statically configured.
+ file { '/etc/network/if-pre-up.d/no_accept_ra':
+ source => 'puppet://modules/debian_org/ifupdown-pre-up-accept-ra',
+ mode => '0555',
+ }
base::sysctl { 'dsa-accept-ra-default':
- key => 'net.ipv6.conf.default.accept_ra',
- value => 0,
+ ensure => absent,
}
base::sysctl { 'dsa-accept-ra-all':
- key => 'net.ipv6.conf.all.accept_ra',
- value => 0,
+ ensure => absent,
}
# Disable kpartx udev rules
projects / mirror / dsa-puppet.git / commitdiff