Hello, On Thu, 16 Jan 2003, Dragan Simic wrote: > I had 2.4.x in mind when I wrote this about rp_filter values. In any case, > in the LARTC should be cleared out what applies to 2.2 branch, and what to > 2.4 branch. It's true, in 2.2.23, there are three options (0,1,2); and > there are two options (0,1) in 2.4.20. This is wrong, all kernels (2.2, 2.4, 2.5) treat 2 as 1, i.e. only 1 and 0 are enough to distinguish the two possible states: enable/disable source address validation. As for all/rp_filter, it is only a flag that says "0 disables the spoofing check for all interfaces". include/linux/inetdevice.h is a good source for information about whether 0 or 1 as value for all/XXX changes globally the feature for all interfaces. For rp_filter it is 0, for send_redirects it is 1. Regards -- Julian Anastasov <ja@ssi.bg>
