diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2016-04-01 10:56:28 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2016-04-01 10:56:28 +0200 |
commit | 22562f7dd530aba9b6832f927cf2d5027f41e17d (patch) | |
tree | 01d02d045a7da5e8abde2590136d127c6a7f6238 | |
parent | 40060b0ffec6f96e4e235e89da29567a6397b05b (diff) |
sysctl: don't set IPv6 privacy extensions globaly.
-rw-r--r-- | roles/common/tasks/sysctl.yml | 6 |
1 files changed, 0 insertions, 6 deletions
diff --git a/roles/common/tasks/sysctl.yml b/roles/common/tasks/sysctl.yml index 3056ee6..ffda544 100644 --- a/roles/common/tasks/sysctl.yml +++ b/roles/common/tasks/sysctl.yml @@ -22,12 +22,6 @@ - { name: 'net.ipv4.ip_forward', value: 0 } - { name: 'net.ipv6.conf.all.forwarding', value: 0 } - # Enable IPv6 Privacy Extensions. - - { name: 'net.ipv6.conf.default.use_tempaddr', value: 2 } - - { name: 'net.ipv6.conf.all.use_tempaddr', value: 2 } - - { name: 'net.ipv6.conf.all.autoconf', value: 0 } - - { name: 'net.ipv6.conf.all.accept_ra', value: 0 } - # Do not accept ICMP redirects (prevent MITM attacks). - { name: 'net.ipv4.conf.all.accept_redirects', value: 0 } - { name: 'net.ipv6.conf.all.accept_redirects', value: 0 } |