From 22562f7dd530aba9b6832f927cf2d5027f41e17d Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Fri, 1 Apr 2016 10:56:28 +0200
Subject: sysctl: don't set IPv6 privacy extensions globaly.

---
 roles/common/tasks/sysctl.yml | 6 ------
 1 file changed, 6 deletions(-)

(limited to 'roles/common/tasks')

diff --git a/roles/common/tasks/sysctl.yml b/roles/common/tasks/sysctl.yml
index 3056ee6..ffda544 100644
--- a/roles/common/tasks/sysctl.yml
+++ b/roles/common/tasks/sysctl.yml
@@ -22,12 +22,6 @@
     - { name: 'net.ipv4.ip_forward',          value: 0 }
     - { name: 'net.ipv6.conf.all.forwarding', value: 0 }
 
-      # Enable IPv6 Privacy Extensions.
-    - { name: 'net.ipv6.conf.default.use_tempaddr', value: 2 }
-    - { name: 'net.ipv6.conf.all.use_tempaddr',     value: 2 }
-    - { name: 'net.ipv6.conf.all.autoconf',         value: 0 }
-    - { name: 'net.ipv6.conf.all.accept_ra',        value: 0 }
-
       # Do not accept ICMP redirects (prevent MITM attacks).
     - { name: 'net.ipv4.conf.all.accept_redirects', value: 0 }
     - { name: 'net.ipv6.conf.all.accept_redirects', value: 0 }
-- 
cgit v1.2.3