From: Dragan Simic <dsimic@oracle.urc.bl.ac.yu>
To: lartc@vger.kernel.org
Subject: [LARTC] sysctl & rp_filter (fwd)
Date: Mon, 29 Apr 2002 06:32:51 +0000 [thread overview]
Message-ID: <marc-lartc-102006171011017@msgid-missing> (raw)
Hi all !
I noticed a small (typo?) error in section "13.1. Reverse Path
Filtering", which says:
--
The following fragment will turn this on for all current and future
interfaces.
# for i in /proc/sys/net/ipv4/conf/*/rp_filter ; do
> echo 2 > $i
> done
--
According to /usr/src/linux/Documentation/networking/ip-sysctl.txt ,
there should be "echo 1 > $i", because the ip-sysctl.txt says:
--
rp_filter - BOOLEAN
1 - do source validation by reversed path, as specified in RFC1812
Recommended option for single homed hosts and stub network
routers. Could cause troubles for complicated (not loop free)
networks running a slow unreliable protocol (sort of RIP),
or using static routes.
0 - No source validation.
Default value is 0. Note that some distributions enable it
in startip scripts.
--
Also, according to my personal experience, Reverse Path filtering
doesn't work with "echo 2 > $i".
--
.----------------------------------------------------------------------------.
| Pozdrav / Best Wishes, dsimic@urc.bl.ac.yu | LL The Choice of |
| Dragan Simic RS.BA Hostmaster | LL GNU |
| URC B.Luka / RSKoming.NET System/Network Admin | LLLL i n u x Generation |
`----------------------------------------------------------------------------'
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
next reply other threads:[~2002-04-29 6:32 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-04-29 6:32 Dragan Simic [this message]
2002-04-29 6:51 ` [LARTC] sysctl & rp_filter (fwd) bert hubert
2002-04-29 9:36 ` bert hubert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-102006171011017@msgid-missing \
--to=dsimic@oracle.urc.bl.ac.yu \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.