[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

disable IPv6

To: silug-discuss@silug.org
Subject: disable IPv6
From: Steven Pritchard <steve@silug.org>
Date: Tue, 22 Jun 2010 15:54:47 -0500
Mail-Followup-To: Steven Pritchard <steve@silug.org>,silug-discuss@silug.org
Organization: Southern Illinois Linux Users Group
Reply-To: silug-discuss@silug.org
Sender: silug-discuss-owner@silug.org
User-Agent: Mutt/1.5.20 (2009-08-17)

I tend to like to turn off IPv6 on my firewalls so I have a little
better handle on *exactly* what traffic is being allowed.  Thanks to
Google, I just discovered a quick way to kill IPv6 on all interfaces:

  echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6

For a more permanent solution, do this:

  cat >> /etc/sysctl.conf <<END
  
  # Disable IPv6
  net.ipv6.conf.all.disable_ipv6 = 1
  END
  sysctl -p

And specifically on Fedora/RHEL, I think these are the rest of the magic
bits:

  echo blacklist ipv6 >> /etc/modprobe.d/ipv6.conf
  cat >> /etc/sysconfig/network <<END
  NETWORKING_IPV6=no
  IPV6INIT=no
  IPV6TO4INIT=no
  END

Although I have to admit, I just tried that, and the ipv6 module still
gets loaded at boot...  Still, with no IPv6 addresses, that should be
close enough...

The only way to absolutely be sure that the ipv6 module never gets
loaded that I've found so far (on Fedora 12, at least) is to add
"install ipv6 /bin/true" to /etc/modprobe.d/ipv6.conf also.

Steve
-- 
steve@silug.org           | Southern Illinois Linux Users Group
(618)624-4440             | See web site for meeting details.
Steven Pritchard          | http://www.silug.org/

-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.

Follow-Ups:
- Re: disable IPv6
  - From: "Robert G. (Doc) Savage" <dsavage@peaknet.net>

Prev by Date: Re: Outdated PC hardware & Software
Next by Date: Re: disable IPv6
Prev by thread: Re: Annoying Wireless - Suggestions?
Next by thread: Re: disable IPv6
Index(es):
- Date
- Thread