-stable review patch. If anyone has any objections, please let us know.
---------------------
From: Dave Jones <[email protected]>
As mentioned in http://bugzilla.kernel.org/show_bug.cgi?id=5015
The helptext implies that this is on by default.
This may be true on some distros (Fedora/RHEL have it enabled
in /etc/sysctl.conf), but the kernel defaults to it off.
Signed-off-by: Dave Jones <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Chris Wright <[email protected]>
---
net/ipv4/Kconfig | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
--- linux-2.6.20.13.orig/net/ipv4/Kconfig
+++ linux-2.6.20.13/net/ipv4/Kconfig
@@ -43,11 +43,11 @@ config IP_ADVANCED_ROUTER
asymmetric routing (packets from you to a host take a different path
than packets from that host to you) or if you operate a non-routing
host which has several IP addresses on different interfaces. To turn
- rp_filter off use:
+ rp_filter on use:
- echo 0 > /proc/sys/net/ipv4/conf/<device>/rp_filter
+ echo 1 > /proc/sys/net/ipv4/conf/<device>/rp_filter
or
- echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
+ echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
If unsure, say N here.
--
Chris Wright <[email protected]> wrote:
>
> --- linux-2.6.20.13.orig/net/ipv4/Kconfig
> +++ linux-2.6.20.13/net/ipv4/Kconfig
> @@ -43,11 +43,11 @@ config IP_ADVANCED_ROUTER
> asymmetric routing (packets from you to a host take a different path
> than packets from that host to you) or if you operate a non-routing
> host which has several IP addresses on different interfaces. To turn
> - rp_filter off use:
> + rp_filter on use:
>
> - echo 0 > /proc/sys/net/ipv4/conf/<device>/rp_filter
> + echo 1 > /proc/sys/net/ipv4/conf/<device>/rp_filter
> or
> - echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
> + echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
BTW, this documentation is actually wrong. You can't enable rp_filter
on all interfaces with
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
You must do that in conjunction with
echo 1 > /proc/sys/net/ipv4/conf/<device>/rp_filter
for it to work for <device>.
This is really counter-intuitive but it's apparently how it's always
worked.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
On Sat, Jun 09, 2007 at 11:20:43AM +1000, Herbert Xu wrote:
> Chris Wright <[email protected]> wrote:
> >
> > --- linux-2.6.20.13.orig/net/ipv4/Kconfig
> > +++ linux-2.6.20.13/net/ipv4/Kconfig
> > @@ -43,11 +43,11 @@ config IP_ADVANCED_ROUTER
> > asymmetric routing (packets from you to a host take a different path
> > than packets from that host to you) or if you operate a non-routing
> > host which has several IP addresses on different interfaces. To turn
> > - rp_filter off use:
> > + rp_filter on use:
> >
> > - echo 0 > /proc/sys/net/ipv4/conf/<device>/rp_filter
> > + echo 1 > /proc/sys/net/ipv4/conf/<device>/rp_filter
> > or
> > - echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
> > + echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
>
> BTW, this documentation is actually wrong. You can't enable rp_filter
So to fix the documentation, we should change the word "or" to "and".
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt