Mail archive

[alpine-user] net.ipv6.conf.all.disable_ipv6=1 not honoured, need to blacklist ipv6

From: Steffen Nurpmeso <>
Date: Mon, 12 Feb 2018 17:55:56 +0100

Hello again.

I have a question reqarding Linux IPv6 configuration.
I want to get rid of IPv6, which is in -vanilla it seems. I have
a sysctl.conf that contains, among others (maybe excessive)

  net.ipv6.conf.all.disable_ipv6 = 1
  net.ipv6.conf.default.disable_ipv6 = 1
  net.ipv6.conf.lo.disable_ipv6 = 1
  net.ipv6.conf.eth0.disable_ipv6 = 1

and with -grsec/-hardened i saw "sysctl not supported" or so fly
by (that sysctl.conf is shared in between all Linux boxes).
Now with -vanilla that message no longer occurs but the IPv6 stack
becomes activated regardless, and i have to manually

  * [_at_sdaoden]$ sysctl -w net.ipv6.conf.all.disable_ipv6=1

again after startup is completed. The new setting is then
however honoured whatever action is performed it seems, regetting
DHCP config and restarting my firewall script
(called via init.d/iptables hack otherwise) do not affect this
setting no more, for example.

I have to add ipv6 to the module blacklist to overcome this
situation, this works just fine, but seems somehow excessive and
as if something would be wrong.
If i do not blacklist ipv6 it will be used by "idp_diag sctp".
Any hint much appreciated.

|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)

Received on Mon Feb 12 2018 - 17:55:56 UTC