net/ipv4/conf/* config order

net/ipv4/conf/* config order

[Narancs v1]

Hi all!

sysctl -a|grep source
net/ipv4/conf/eth2/accept_source_route = 1
net/ipv4/conf/eth1/accept_source_route = 1
net/ipv4/conf/eth0/accept_source_route = 1
net/ipv4/conf/lo/accept_source_route = 1
net/ipv4/conf/default/accept_source_route = 1
net/ipv4/conf/all/accept_source_route = 0

so does it mean, that source routed packets are all dropped in all
interfaces, or does it mean that all accepted?

Yes, I want to disable it, and some other parameters, too, so shall I set
all of them respectively to 0 or 'all' = 0 will do the task?

thanks!

linux 2.4.18

-------------------------
Narancs v1
IT Security Administrator
Warning: This is a really short .sig! Vigyazat: ez egy nagyon rovid szig!

Re: net/ipv4/conf/* config order

[Roberto Nibali]

Hello,

> sysctl -a|grep source
> net/ipv4/conf/eth2/accept_source_route = 1
> net/ipv4/conf/eth1/accept_source_route = 1
> net/ipv4/conf/eth0/accept_source_route = 1
> net/ipv4/conf/lo/accept_source_route = 1
> net/ipv4/conf/default/accept_source_route = 1
> net/ipv4/conf/all/accept_source_route = 0

Basically, accept_source_route says how to handle packets with the SRR 
option set. If 1 (default for a router) it accepts those packets, if 0 
(default for a host) it will drop them. [This is actually written in 
../Documentation/networking/ip-sysctl.txt]

> so does it mean, that source routed packets are all dropped in all
> interfaces, or does it mean that all accepted?

They will be dropped on all interfaces since /all/accept_source_route=0.
Now you need to know that:

/all/${var}     means: enable this feature ${var}
/default/${var} means: inherit /all/${var} on newly instances of a
                        physical interface

> Yes, I want to disable it, and some other parameters, too, so shall I set
> all of them respectively to 0 or 'all' = 0 will do the task?

all=0 should do the task.

Best regards,
Roberto Nibali, ratz

ps.: I don't think this question belongs to lkml, next time you should
      maybe choose linux-net@vger.kernel.org.
-- 
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq'|dc

Re: net/ipv4/conf/* config order

[Thomas 'Dent' Mirlacher]

--snip/snip

> > sysctl -a|grep source
> > net/ipv4/conf/eth2/accept_source_route = 1
> > net/ipv4/conf/eth1/accept_source_route = 1
> > net/ipv4/conf/eth0/accept_source_route = 1
> > net/ipv4/conf/lo/accept_source_route = 1
> > net/ipv4/conf/default/accept_source_route = 1
> > net/ipv4/conf/all/accept_source_route = 0
> 
> Basically, accept_source_route says how to handle packets with the SRR 
> option set. If 1 (default for a router) it accepts those packets, if 0 
> (default for a host) it will drop them. [This is actually written in 
> ../Documentation/networking/ip-sysctl.txt]

--snip/snip
> ps.: I don't think this question belongs to lkml, next time you should
>       maybe choose linux-net@vger.kernel.org.

beside your explanation, IMHO this belongs to the ML, since the
implementation generates confusion for the user.

wouldn't it be better to implement something like

/all/* = -1	means i don't have set this for all

and if i set something for /all/* this should be reflected in the individual
entries as well?

	just my $0.02

		tm

-- 
in some way i do, and in some way i don't.

Re: net/ipv4/conf/* config order

[Narancs v1]

On Mon, 13 May 2002, Roberto Nibali wrote:

[...]

> They will be dropped on all interfaces since /all/accept_source_route=0.
[..]
> all=0 should do the task.

thanks!!!

> ps.: I don't think this question belongs to lkml, next time you should
>       maybe choose linux-net@vger.kernel.org.

ok, next time. I did not know that linux-net exists ;-)

-------------------------
Narancs v1
IT Security Administrator
Warning: This is a really short .sig! Vigyazat: ez egy nagyon rovid szig!