Bump Debian changelog version

Entirely disable IPv6 on bridged interfaces
Prevents any potential leakage due to autoconfigured IPv6 on bridged interfaces. These are exclusively VM-side bridges, and the PVC host should not have any IPv6 configuration on them, ever.
2020-10-15 11:02:41 -04:00 · 2020-10-15 11:00:59 -04:00
2 changed files with 8 additions and 2 deletions
--- a/debian/changelog
+++ b/debian/changelog
@ -1,3 +1,9 @@
+pvc (0.8-1) unstable; urgency=high
+
+  * Fix bug with IPv6 being enabled on bridged interfaces
+
+ -- Joshua Boniface <joshua@boniface.me>  Thu, 15 Oct 2020 11:02:24 -0400
+
 pvc (0.8-0) unstable; urgency=medium

  * Numerous bugfixes and improvements
--- a/node-daemon/pvcnoded/VXNetworkInstance.py
+++ b/node-daemon/pvcnoded/VXNetworkInstance.py
@ -511,9 +511,9 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
            )
        )

-        # Disable IPv6 DAD on bridge interface
+        # Disable IPv6 on bridge interface (prevents leakage)
        common.run_os_command(
-            'sysctl net.ipv6.conf.{}.accept_dad=0'.format(
+            'sysctl net.ipv6.conf.{}.disable_ipv6=1'.format(
                self.bridge_nic
            )
        )
Author	SHA1	Message	Date
Joshua M. Boniface	891aeca388	Bump Debian changelog version	2020-10-15 11:02:41 -04:00
Joshua M. Boniface	aa5f8c93fd	Entirely disable IPv6 on bridged interfaces Prevents any potential leakage due to autoconfigured IPv6 on bridged interfaces. These are exclusively VM-side bridges, and the PVC host should not have any IPv6 configuration on them, ever.	2020-10-15 11:00:59 -04:00