Provide a mechanism to prevent network-scripts from messing with sysctls

network-scripts makes odd assumptions, like if I don't want SLAAC (i.e.
if I turn off AUTOCONF) that I also don't want RA. This is not true,
it's common to have a static local address, but to get my gateway
through RA.

This is one solution. I will also be sending a more specific solution to
enable the above directly, but having a way to tell network-scripts
to not mess with systctls seems generally useful.

1 files changed, 6 insertions, 4 deletions

diff --git a/sysconfig/network-scripts/ifdown-ipv6 b/sysconfig/network-scripts/ifdown-ipv6
index d2207b76..f06f56dd 100755
--- a/sysconfig/network-scripts/ifdown-ipv6
+++ b/sysconfig/network-scripts/ifdown-ipv6
@@ -62,10 +62,12 @@ if [ $? != 0 -a $? != 11 ]; then
 	exit 1
 fi
 
-# Switch some sysctls to secure mode
-/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.forwarding=0 >/dev/null 2>&1
-/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_ra=0 >/dev/null 2>&1
-/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_redirects=0 >/dev/null 2>&1
+if [ ! "$IPV6_SET_SYCTL" = "no" ]; then
+  # Switch some sysctls to secure mode
+  /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.forwarding=0 >/dev/null 2>&1
+  /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_ra=0 >/dev/null 2>&1
+  /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_redirects=0 >/dev/null 2>&1
+fi
 /sbin/ip link set $DEVICE addrgenmode eui64 >/dev/null 2>&1
 
 # Test status of tun6to4 device