search for: send_redirects

...-m comment --comment "test" -j DNAT --to-destination 10.0.0.20:2424 cat >> /etc/sysctl.conf << 'EOF' # Custom Settings for Forwarding and OpenSwan net.ipv4.ip_forward=1 net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.default.accept_redirects = 0 net.ipv4.conf.all.send_redirects = 0 net.ipv4.conf.default.send_redirects = 0 EOF sysctl -p So, in 10.0.0.20 I do "nc -l 2424". But when I go to hostc and then try to do "nc -v 192.168.41.1 2424", connection does not take place. Thinking I've done something wrong, I replicated the very same setup in virtua...

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=40 laforge@netfilter.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED ------- Additional Comments From laforge@netfilter.org 2003-02-03 16:49 ------- We haven't seen this

....rp_filter = 1 net.ipv4.conf.default.accept_source_route = 0 kernel.sysrq = 0 kernel.core_uses_pid = 1 net.bridge.bridge-nf-call-ip6tables = 0 net.bridge.bridge-nf-call-iptables = 0 net.bridge.bridge-nf-call-arptables = 0 net.ipv4.ip_forward = 1 net.ipv4.conf.default.rp_filter = 0 net.ipv4.conf.all.send_redirects = 0 net.ipv4.conf.default.send_redirects = 0 net.ipv4.icmp_ignore_bogus_error_responses = 1 net.ipv4.conf.all.log_martians = 0 net.ipv4.conf.default.log_martians = 0 net.ipv4.conf.default.accept_source_route = 0 net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.default.accept_redirects = 0 vm.vf...

On 04/11/2016 11:33 AM, Laine Stump wrote: > Interesting. That functionality was moved out of the kernel's bridge > module into br_netfilter some time back, but that was done later than > the kernel 3.10 that is used by CentOS 7. Are you running some later > kernel version? > > If your kernel doesn't have a message in dmesg that looks like this: > > bridge:

..._pid = 1 net.ipv4.tcp_syncookies = 1 kernel.msgmnb = 65536 kernel.msgmax = 65536 kernel.shmmax = 68719476736 kernel.shmall = 4294967296 net.ipv4.ip_forward = 1 net.ipv6.conf.all.forwarding = 1 net.ipv4.conf.default.proxy_arp = 1 net.ipv4.conf.all.rp_filter = 1 kernel.sysrq = 1 net.ipv4.conf.default.send_redirects = 1 net.ipv4.conf.all.send_redirects = 1 </pre> ---------- **Server 2** I've added a single test ip (8.8.8.8) to server two to test if it works before bringing IPSEC into the equation Here is an *ip a* <pre> # ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue sta...

...pv4.conf.all.rp_filter=1 #net.ipv4.tcp_syncookies=1 net.ipv4.ip_forward=1 #net.ipv4.conf.br0.proxy_arp=1 #net.ipv4.conf.eth0.proxy_arp=1 #net.ipv4.conf.eth1.proxy_arp=1 #net.ipv6.conf.all.forwarding=1 #net.ipv4.conf.all.accept_redirects = 0 #net.ipv6.conf.all.accept_redirects = 0 #net.ipv4.conf.all.send_redirects = 0 #net.ipv4.conf.all.accept_source_route = 0 #net.ipv6.conf.all.accept_source_route = 0 #net.ipv4.conf.all.log_martians = 1 net.bridge.bridge-nf-call-ip6tables = 0 net.bridge.bridge-nf-call-iptables = 0 net.bridge.bridge-nf-call-arptables = 0 *** Any idea what I''m doing wrong here??????...

...0/24 never passed the LOC interface of the FW, but rather injected directly into the switch), it dropped the (as it thought) erranous packages silently (This would have been seen if LOGNEWNOTSYN had been enabled in shorewall.conf. Also: I chose to do "echo 0 > /proc/sys/net/ipv4/conf/eth1/send_redirects" in the startup of shorewall to prevent the FW of redirecting hosts directly to the VPN routers. This was done to be able to "enforce" policies in the FW. (Yes, users COULD add a route themselves, but that is not a big consern) ======================================================...

Hello, Should "route -C" show the RTCF_REDIRECTED flag ? (0x00040000). I had searched in the code and it seems that it should show this flag by "r". However, I could not show this flag by "route -c " even that it should have been there. I have the following scenario where I have this flag set. I see it in cat /proc/net/rt_cache but **not** in route -C. (BTW,

Hello, everyone! I would like to solve the following problem. Btw, I''m terribly sorry about the pseudo-asciiart, but that''s all I can paint as a tropology. I''m hoping it''ll be enough. ----Internet---- | | | eth0 machine A routing+ipchains eth1 | ------------------ machine B So, given I''m running kernel 2.4.19 and using ipchains

hi folks, after long trying i need some help from the big world :-) question ******** when I boot a guest system, tried debian 6.0.2 amd64 firmware, I get errors like: 1) after click install on debian 6.0.2 installer [0.642450] vbd vbd-5632: 19 xenbus_dev_probe on device/vbd/5632 [0.642911] vbd vbd-5632: failed to write error node for device/vbd/5632 (19 xenbus_dev_probe on device/vbd/5632) 2)

hi folks, after long trying i need some help from the big world :-) question ******** when I boot a guest system, tried debian 6.0.2 amd64 firmware, I get errors like: 1) after click install on debian 6.0.2 installer [0.642450] vbd vbd-5632: 19 xenbus_dev_probe on device/vbd/5632 [0.642911] vbd vbd-5632: failed to write error node for device/vbd/5632 (19 xenbus_dev_probe on device/vbd/5632) 2)