Add some IPv6 options

etc/sysctl.d/30_security-misc.conf

@@ -82,6 +82,8 @@ net.ipv6.conf.default.accept_redirects=0
 ## Disables ICMP redirect sending.
 net.ipv4.conf.all.send_redirects=0
 net.ipv4.conf.default.send_redirects=0
+net.ipv6.conf.all.accept_redirects=0
+net.ipv6.conf.default.accept_redirects=0
 
 ## Ignores ICMP requests.
 net.ipv4.icmp_echo_ignore_all=1
@@ -92,6 +94,8 @@ net.ipv4.tcp_syncookies=1
 ## Disable source routing.
 net.ipv4.conf.all.accept_source_route=0
 net.ipv4.conf.default.accept_source_route=0
+net.ipv6.conf.all.accept_source_route=0
+net.ipv6.conf.default.accept_source_route=0
 
 ## Enable reverse path filtering to prevent IP spoofing and
 ## mitigate vulnerabilities such as CVE-2019-14899.
@@ -149,3 +153,8 @@ vm.swappiness=1
 ## Disallow kernel profiling by users without CAP_SYS_ADMIN
 ## https://www.kernel.org/doc/Documentation/sysctl/kernel.txt
 kernel.perf_event_paranoid=3
+
+# Do not accept router advertisments
+net.ipv6.conf.all.accept_ra=0
+net.ipv6.conf.default.accept_ra=0
+