mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-29 19:13:39 +01:00
16 lines
651 B
Plaintext
16 lines
651 B
Plaintext
1) In kernel 2.6.31, the handling of the rp_filter interface option was
|
|
changed incompatibly. Previously, the effective value was determined
|
|
by the setting of net.ipv4.config.dev.proxy_arp logically ANDed with
|
|
the setting of net.ipv4.config.all.proxy_arp.
|
|
|
|
Beginning with kernel 2.6.31, the value is the arithmetic MAX of
|
|
those two values.
|
|
|
|
Given that Shorewall sets net.ipv4.config.all.proxy_arp to 1 if
|
|
there are any interfaces specifying 'routefilter', specifying
|
|
'routefilter' on any interface has the effect of setting the option
|
|
on all interfaces.
|
|
|
|
A workaround for this problem is included in Shorewall 4.4.5.1.
|
|
|