From 40060b0ffec6f96e4e235e89da29567a6397b05b Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Wed, 30 Mar 2016 21:46:59 +0300
Subject: sysctl: set net.ipv6.conf.all.accept_ra = 0.

---
 roles/common/tasks/sysctl.yml | 1 +
 1 file changed, 1 insertion(+)

(limited to 'roles/common/tasks/sysctl.yml')

diff --git a/roles/common/tasks/sysctl.yml b/roles/common/tasks/sysctl.yml
index d3ae86f..3056ee6 100644
--- a/roles/common/tasks/sysctl.yml
+++ b/roles/common/tasks/sysctl.yml
@@ -26,6 +26,7 @@
     - { name: 'net.ipv6.conf.default.use_tempaddr', value: 2 }
     - { name: 'net.ipv6.conf.all.use_tempaddr',     value: 2 }
     - { name: 'net.ipv6.conf.all.autoconf',         value: 0 }
+    - { name: 'net.ipv6.conf.all.accept_ra',        value: 0 }
 
       # Do not accept ICMP redirects (prevent MITM attacks).
     - { name: 'net.ipv4.conf.all.accept_redirects', value: 0 }
-- 
cgit v1.2.3