On Mon, 21 Apr 2008 13:32:27 -0400 "J. Bruce Fields" <bfields@xxxxxxxxxxxx> wrote: > > I think that's basically correct, but most modern distros turn it on by > > default. From the default /etc/sysctl.conf on my fedora box: > > > > net.ipv4.conf.default.rp_filter = 1 > > > > ...it's generally a good thing to enable, but there are places where it > > needs to be disabled. For instance, my Linksys WRT54g is doing firewall > > duties and has it disabled because the switch ports on it are segmented > > with VLANs and rp_filter interferes with that. > > Actually, the specific question here is: say you have an ethernet > interface 192.168.0.1. Will the kernel deliver a packet that comes from > the network and has source address 192.168.0.1? > Ahh, I misunderstood then. I'm not sure about that specific situation. I doubt that rp_filter would prevent that, but there may be some other mechanism that would. -- Jeff Layton <jlayton@xxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
