From mboxrd@z Thu Jan 1 00:00:00 1970
From: Dragan Simic
Date: Mon, 29 Apr 2002 06:32:51 +0000
Subject: [LARTC] sysctl & rp_filter (fwd)
Message-Id:
List-Id:
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

Hi all!

I noticed a small (typo?) error in section "13.1. Reverse Path Filtering",
which says:

--
The following fragment will turn this on for all current and future
interfaces.

# for i in /proc/sys/net/ipv4/conf/*/rp_filter ; do
>  echo 2 > $i
> done
--

According to /usr/src/linux/Documentation/networking/ip-sysctl.txt, there
should be "echo 1 > $i", because the ip-sysctl.txt says:

--
rp_filter - BOOLEAN
    1 - do source validation by reversed path, as specified in RFC1812
        Recommended option for single homed hosts and stub network
        routers. Could cause troubles for complicated (not loop free)
        networks running a slow unreliable protocol (sort of RIP),
        or using static routes.

    0 - No source validation.

    Default value is 0. Note that some distributions enable it
    in startup scripts.
--

Also, according to my personal experience, Reverse Path filtering doesn't
work with "echo 2 > $i".

--
.----------------------------------------------------------------------------.
| Pozdrav / Best Wishes,     dsimic@urc.bl.ac.yu  | LL      The Choice of    |
| Dragan Simic               RS.BA Hostmaster     | LL          GNU          |
| URC B.Luka / RSKoming.NET  System/Network Admin | LLLL i n u x Generation  |
`----------------------------------------------------------------------------'

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc
HOWTO: http://lartc.org/
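
Added example, not part of the original message or of the HOWTO: a small audit script that reads every rp_filter file, classifies each value against the two values listed in the ip-sysctl.txt excerpt quoted above, and can then write 1 everywhere. The function names, the optional conf-root argument and the sample directory tree are assumptions made so the script runs without root and without touching /proc.

```shell
# Added example (not from the original message). The conf-root argument and
# the sample tree below are assumptions made so this runs without root.

# Map a value to its meaning in the ip-sysctl.txt excerpt quoted above.
rp_state() {
    case "$1" in
        1) echo validate ;;   # source validation by reversed path
        0) echo off ;;        # no source validation (the stated default)
        *) echo other ;;      # not one of the two values in the excerpt
    esac
}

# Print "<interface> <value> <state>" for each rp_filter file under ROOT.
# Returns 1 if any interface is not set to 1, so it can gate a boot script.
rp_audit() {
    root=${1:-/proc/sys/net/ipv4/conf}
    rc=0
    for f in "$root"/*/rp_filter; do
        [ -r "$f" ] || continue
        iface=${f%/rp_filter}
        iface=${iface##*/}
        val=$(cat "$f")
        state=$(rp_state "$val")
        printf '%s %s %s\n' "$iface" "$val" "$state"
        [ "$state" = validate ] || rc=1
    done
    return "$rc"
}

# Write 1 to every rp_filter file under ROOT (needs root on the real /proc).
rp_enable() {
    root=${1:-/proc/sys/net/ipv4/conf}
    for f in "$root"/*/rp_filter; do
        [ -w "$f" ] || continue
        echo 1 > "$f"
    done
}

# Constructed sample tree standing in for /proc/sys/net/ipv4/conf.
demo=$(mktemp -d)
mkdir "$demo/all" "$demo/default" "$demo/eth0"
echo 2 > "$demo/all/rp_filter"       # the value from the HOWTO fragment
echo 0 > "$demo/default/rp_filter"
echo 1 > "$demo/eth0/rp_filter"
rp_audit "$demo" || echo "rp_filter is not 1 everywhere"
rp_enable "$demo"
rp_audit "$demo" && echo "rp_filter is 1 on all interfaces"
rm -rf "$demo"
```

Later kernels define 2 as a loose mode of reverse path filtering; measured against the documentation quoted in this message it is not a listed value, so the script reports it as `other` instead of interpreting it.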