shorewall_code/Shorewall/known_problems.txt

1) In kernel 2.6.31, the handling of the rp_filter interface option was
   changed incompatibly. Previously, the effective value was determined
   by the setting of net.ipv4.config.dev.rp_filter logically ANDed with
   the setting of net.ipv4.config.all.rp_filter.

   Beginning with kernel 2.6.31, the value is the arithmetic MAX of
   those two values. 

   Given that Shorewall sets net.ipv4.config.all.rp_filter to 1 if
   there are any interfaces specifying 'routefilter', specifying
   'routefilter' on any interface has the effect of setting the option
   on all interfaces.

   A workaround for this problem is included in Shorewall 4.4.5.1.
Update known problems 2009-12-20 00:24:33 +01:00			`1) In kernel 2.6.31, the handling of the rp_filter interface option was`
			`changed incompatibly. Previously, the effective value was determined`
Replace 'proxy_arp' with 'rp_filter' 2009-12-20 16:37:30 +01:00			`by the setting of net.ipv4.config.dev.rp_filter logically ANDed with`
			`the setting of net.ipv4.config.all.rp_filter.`
Update known problems 2009-12-20 00:24:33 +01:00
			`Beginning with kernel 2.6.31, the value is the arithmetic MAX of`
			`those two values.`

Replace 'proxy_arp' with 'rp_filter' 2009-12-20 16:37:30 +01:00			`Given that Shorewall sets net.ipv4.config.all.rp_filter to 1 if`
Update known problems 2009-12-20 00:24:33 +01:00			`there are any interfaces specifying 'routefilter', specifying`
			`'routefilter' on any interface has the effect of setting the option`
			`on all interfaces.`
Update known problems with fix information 2009-12-20 16:31:35 +01:00
			`A workaround for this problem is included in Shorewall 4.4.5.1.`