[ILUG] Routing.

Tue Jan 15 16:16:47 GMT 2002

On Tue, 15 Jan 2002 15:10:18 Mark Kilmartin wrote:

> The only option which I can find in fwbuilder which may help with this
> is Accept source route.
> Can anybody explain what this option is and if it might help me.
> 
> Or can anybody suggest another solution.

echo "0" >/proc/sys/net/ipv4/conf/all/rp_filter

This will turn off reverse path filtering.  Substitute all with the 
interface in question if you know which one the route is being dumped at.

rp_filter - BOOLEAN
         1 - do source validation by reversed path, as specified in RFC1812
             Recommended option for single homed hosts and stub network
             routers. Could cause troubles for complicated (not loop free)
             networks running a slow unreliable protocol (sort of RIP),
             or using static routes.

         0 - No source validation.

         Default value is 0. Note that some distributions enable it
         in startip scripts.

Debian sets this to "1" by default for added security.

Add the following to /etc/sysctl.conf:
net/ipv4/conf/all/rp_filter=0

Martin.