On Sun, Oct 6, 2013 at 11:32 PM, Lennart Poettering
<mzerqung@xxxxxxxxxxx> wrote:
> This is the general problem that IP forwarding is no local setting, and
> that the global setting has no inherent concept of ownership or
> refcounting.
The proper place for this seems to be firewalld, which should not only
control the individual sysctl, but also the more detailed forwarding
semantics (i.e. the application should request a specific, fairly
high-level forwarding scenario ("do a NAT of all traffic from
$this_ethernet and $this_wifi to $that ethernet"), and the firewall
should manage both iptables and sysctl.
I guess this is suggestion wouldn't be currently met with universal
approval, would it?
Mirek
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
