summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2016-04-01 10:56:28 +0200
committerGuilhem Moulin <guilhem@fripost.org>2016-04-01 10:56:28 +0200
commit22562f7dd530aba9b6832f927cf2d5027f41e17d (patch)
tree01d02d045a7da5e8abde2590136d127c6a7f6238 /roles
parent40060b0ffec6f96e4e235e89da29567a6397b05b (diff)
sysctl: don't set IPv6 privacy extensions globaly.
Diffstat (limited to 'roles')
-rw-r--r--roles/common/tasks/sysctl.yml6
1 files changed, 0 insertions, 6 deletions
diff --git a/roles/common/tasks/sysctl.yml b/roles/common/tasks/sysctl.yml
index 3056ee6..ffda544 100644
--- a/roles/common/tasks/sysctl.yml
+++ b/roles/common/tasks/sysctl.yml
@@ -22,12 +22,6 @@
- { name: 'net.ipv4.ip_forward', value: 0 }
- { name: 'net.ipv6.conf.all.forwarding', value: 0 }
- # Enable IPv6 Privacy Extensions.
- - { name: 'net.ipv6.conf.default.use_tempaddr', value: 2 }
- - { name: 'net.ipv6.conf.all.use_tempaddr', value: 2 }
- - { name: 'net.ipv6.conf.all.autoconf', value: 0 }
- - { name: 'net.ipv6.conf.all.accept_ra', value: 0 }
-
# Do not accept ICMP redirects (prevent MITM attacks).
- { name: 'net.ipv4.conf.all.accept_redirects', value: 0 }
- { name: 'net.ipv6.conf.all.accept_redirects', value: 0 }