From 0c5295bc84618bed1e33e153db888a93b61428a6 Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Fri, 24 May 2013 16:29:21 +0200 Subject: [PATCH] grml-sniff: disable IPv6 to avoid neighbor solicitation/multicast traffic MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit With IPv6 enabled the devices leak IPv6 traffic because of the way IPv6 works™: | 16:24:20.074982 IP6 (hlim 1, next-header Options (0) payload length: 36) :: > ff02::16: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener report v2, 1 group record(s) [gaddr [...] to_ex { }] | 16:24:20.319025 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 24) :: > ff02::1:ffab:3f90: [icmp6 sum ok] ICMP6, neighbor solicitation, length 24, who has [...] | 16:24:21.319027 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16) [...] > ip6-allrouters: [icmp6 sum ok] ICMP6, router solicitation, length 16 | [...] | 16:24:23.619025 IP6 (hlim 1, next-header Options (0) payload length: 36) [...] > ff02::16: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener report v2, 1 group record(s) [gaddr ff02::1:ffab:3f90 to_ex { }] | 16:24:25.330982 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16) [...] > ip6-allrouters: [icmp6 sum ok] ICMP6, router solicitation, length 16 | source link-address option (1), length 8 (1): [...] | 0x0000: 001d 92ab 3f90 | 16:24:29.338972 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16) [...] > ip6-allrouters: [icmp6 sum ok] ICMP6, router solicitation, length 16 | source link-address option (1), length 8 (1): [...] | 0x0000: 001d 92ab 3f90 So when starting the sniffing setup disable IPv6 and when stopping the sniffing setup re-enable it again. --- sbin/grml-sniff | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/sbin/grml-sniff b/sbin/grml-sniff index d854f5d..cbb8ec1 100755 --- a/sbin/grml-sniff +++ b/sbin/grml-sniff @@ -45,6 +45,10 @@ case "$1" in check4root || exit 1 einfo "Starting sniffing setup" eindent + + einfo "Disabling IPv6 to avoid neighbor solicitation/multicast traffic" + echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6 + einfo "Creating bridge device" brctl addbr "$BRIDGE_NAME" eend $? @@ -98,6 +102,9 @@ case "$1" in ifconfig "$BRIDGE_NAME" down || /bin/true brctl delbr "$BRIDGE_NAME" eend $? + + einfo "Re-enabling IPv6" + echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6 eoutdent ;; -- 2.1.4