Merge pull request #9 from hardening-io/ignore_ras

ignore RAs on Ipv6

roles/ansible-os-hardening/tasks/sysctl.yml

@@ -13,6 +13,12 @@
   sysctl: name='net.ipv6.conf.all.forwarding' value=1 sysctl_set=yes state=present reload=yes ignoreerrors=yes
   when: os_network_forwarding and os_network_ipv6_enable
 
+- name: ignore RAs on Ipv6
+  sysctl: name='net.ipv6.conf.all.accept_ra' value=0 sysctl_set=yes state=present reload=yes ignoreerrors=yes
+
+- name: ignore RAs on Ipv6
+  sysctl: name='net.ipv6.conf.default.accept_ra' value=0 sysctl_set=yes state=present reload=yes ignoreerrors=yes
+
 - name: Enable RFC-recommended source validation feature.
   sysctl: name='net.ipv4.conf.all.rp_filter' value=1 sysctl_set=yes state=present reload=yes ignoreerrors=yes