extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-20 01:37:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

Correct description of the 'sourceroute' interface option.

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2013-02-18 11:33:19 -08:00
parent 088fc1a3a3
commit 010c44d07a
2 changed files with 7 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Shorewall/manpages/shorewall-interfaces.xml
View File

@ -675,10 +675,9 @@ loc eth2 -</programlisting>
<listitem> <listitem>
<para>If this option is not specified for an interface, then <para>If this option is not specified for an interface, then
source-routed packets will not be accepted from that interface source-routed packets will not be accepted from that interface
(sets unless it has been explicitly enabled via sysconf. Only set
/proc/sys/net/ipv4/conf/<emphasis>interface</emphasis>/accept_source_route this option to 1 (enable source routing) if you know what you
to 1). Only set this option if you know what you are doing. are doing. This might represent a security risk and is usually
This might represent a security risk and is usually
unneeded.</para> unneeded.</para>
<para>Only those interfaces with the <para>Only those interfaces with the
@ -686,8 +685,6 @@ loc eth2 -</programlisting>
changed; the value assigned to the setting will be the value changed; the value assigned to the setting will be the value
specified (if any) or 1 if no value is given.</para> specified (if any) or 1 if no value is given.</para>
<para></para>
<note> <note>
<para>This option does not work with a wild-card <para>This option does not work with a wild-card
<replaceable>interface</replaceable> name (e.g., eth0.+) in <replaceable>interface</replaceable> name (e.g., eth0.+) in

9
Shorewall6/manpages/shorewall6-interfaces.xml
View File

@ -394,15 +394,14 @@ loc eth2 -</programlisting>
<listitem> <listitem>
<para>If this option is not specified for an interface, then <para>If this option is not specified for an interface, then
source-routed packets will not be accepted from that interface source-routed packets will not be accepted from that interface
(sets unless explicitly enabled via sysconf. Only set this option to
/proc/sys/net/ipv6/conf/<emphasis>interface</emphasis>/accept_source_route 1 (enable source routing) if you know what you are doing. This
to 1). Only set this option if you know what you are doing. might represent a security risk and is not usually
This might represent a security risk and is not usually
needed.</para> needed.</para>
<para>Only those interfaces with the <para>Only those interfaces with the
<option>sourceroute</option> option will have their setting <option>sourceroute</option> option will have their setting
changes; the value assigned to the setting will be the value changed; the value assigned to the setting will be the value
specified (if any) or 1 if no value is given.</para> specified (if any) or 1 if no value is given.</para>
<note> <note>