2014-05-02 17:36:08 +02:00
|
|
|
from bootstrapvz.base import Task
|
|
|
|
|
from bootstrapvz.common import phases
|
|
|
|
|
from bootstrapvz.common.tasks import network
|
|
|
|
|
import os.path
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class DisableIPv6(Task):
|
|
|
|
|
description = "Disabling IPv6 support"
|
|
|
|
|
phase = phases.system_modification
|
|
|
|
|
predecessors = [network.ConfigureNetworkIF]
|
|
|
|
|
|
|
|
|
|
@classmethod
|
|
|
|
|
def run(cls, info):
|
|
|
|
|
network_configuration_path = os.path.join(info.root, 'etc/sysctl.d/70-disable-ipv6.conf')
|
|
|
|
|
with open(network_configuration_path, 'w') as config_file:
|
|
|
|
|
print >>config_file, "net.ipv6.conf.all.disable_ipv6 = 1"
|
Do not remove ::1 from the loopback interface.
An environment with AF_INET6 sockets but no loopback interface creates
nothing but pain.
If an IPv4 server binds to 0.0.0.0:8080, clients may connect to
0.0.0.0:8080, which automatically picks 127.0.0.1 as a source address.
However, when a server binds to [::]:8080, the absence of ::1 causes
clients to fail with ENETUNREACH.
For a demonstration, run the following in a python shell:
import socket
s = socket.socket(socket.AF_INET6, socket.SOCK_STREAM, 0)
s.bind(("", 0))
print s.getsockname() # Example: ('::', 39079, 0, 0)
s.listen(10)
c = socket.socket(socket.AF_INET6, socket.SOCK_STREAM, 0)
c.connect(s.getsockname())
print c.getsockname(), c.getpeername()
This yields the following error:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python2.7/socket.py", line 224, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 101] Network is unreachable
2016-03-24 16:55:33 -07:00
|
|
|
print >>config_file, "net.ipv6.conf.lo.disable_ipv6 = 0"
|
