On Thu, Jun 02, 2005 at 04:00:33PM +0200, Olivier Mehani wrote:
| Hi,
|
| I'd like to accept rtadv annouces on only one interface of my machine.
| As far as I understand, the sysctl entry net.inet6.ip6.accept_rtadv
| controls this for _every_ interface in my machine.
|
| Is there a way to specify more precisely which interfaces should or not
| accept rtadv ?
Try accepting these requests only on the interface you want configured
using pf :
block in inet6 proto icmp6 icmp6-type routeradv
pass in on $RTSOL_IF inet6 proto icmp6 icmp6-type routeradv
Put this as the first rules in your ruleset, and make sure you set
RTSOL_IF to the interface you want.
This will block all router advertisements, except for those that come
in via $RTSOL_IF. Should be all you need ;)
Cheers,
Paul 'WEiRD' de Weerd
--
>++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
http://www.weirdnet.nl/
[demime 1.01d removed an attachment of type application/pgp-signature]
