diff options
| -rw-r--r-- | NEWS | 9 | ||||
| -rw-r--r-- | sysctl.d/50-default.conf | 2 |
2 files changed, 10 insertions, 1 deletions
@@ -70,6 +70,15 @@ CHANGES WITH 240 in spe: glibc is going to make it available too. This locale enables UTF-8 mode by default, which appears appropriate for 2018. + * The "net.ipv4.conf.all.rp_filter" sysctl will now be set to 2 by + default. This effectively switches the RFC3704 Reverse Path filtering + from Strict mode to Loose mode. This is more appropriate for hosts + that have multiple links with routes to the same networks (e.g. + a client with a Wi-Fi and Ethernet both connected to the internet). + + Consult the kernel documetnation for details on this sysctl: + https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt + CHANGES WITH 239: * NETWORK INTERFACE DEVICE NAMING CHANGES: systemd-udevd's "net_id" diff --git a/sysctl.d/50-default.conf b/sysctl.d/50-default.conf index e263cf0628..b0645f33e7 100644 --- a/sysctl.d/50-default.conf +++ b/sysctl.d/50-default.conf @@ -22,7 +22,7 @@ kernel.sysrq = 16 kernel.core_uses_pid = 1 # Source route verification -net.ipv4.conf.all.rp_filter = 1 +net.ipv4.conf.all.rp_filter = 2 # Do not accept source routing net.ipv4.conf.all.accept_source_route = 0 |