From 504eb15ecece8a1964797fba606da60060914700 Mon Sep 17 00:00:00 2001
From: joshavant <830519+joshavant@users.noreply.github.com>
Date: Thu, 25 Jan 2024 19:24:34 -0600
Subject: [PATCH] Respect ipv6_disable mechanism

Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
---
 tasks/section_3/cis_3.2.x.yml | 1 +
 tasks/section_3/cis_3.3.x.yml | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/tasks/section_3/cis_3.2.x.yml b/tasks/section_3/cis_3.2.x.yml
index f497c448..e12f9118 100644
--- a/tasks/section_3/cis_3.2.x.yml
+++ b/tasks/section_3/cis_3.2.x.yml
@@ -48,6 +48,7 @@
             state: present
             reload: true
             ignoreerrors: true
+        when: ubtu22cis_ipv6_disable == 'sysctl'
         notify:
             - Flush ipv6 route table
 
diff --git a/tasks/section_3/cis_3.3.x.yml b/tasks/section_3/cis_3.3.x.yml
index c4915cca..67b13df4 100644
--- a/tasks/section_3/cis_3.3.x.yml
+++ b/tasks/section_3/cis_3.3.x.yml
@@ -25,6 +25,7 @@
             state: present
             reload: true
             ignoreerrors: true
+        when: ubtu22cis_ipv6_disable == 'sysctl'
         with_items:
             - net.ipv6.conf.all.accept_source_route
             - net.ipv6.conf.default.accept_source_route
@@ -66,6 +67,7 @@
             state: present
             reload: true
             ignoreerrors: true
+        when: ubtu22cis_ipv6_disable == 'sysctl'
         with_items:
             - net.ipv6.conf.all.accept_redirects
             - net.ipv6.conf.default.accept_redirects