Matt Hakim a écrit : > On Fri, Jan 29, 2010 at 7:50 AM, Matt Hakim <thepigs@xxxxxxxxx> wrote: >> >>> Forgot about that, sorry. Make sure sysctl net.ipv4.conf.ppp0.rp_filter >>> is set to 0 after ppp0 is created, otherwise the packet is discarded at >>> the input routing decision stage. sysctl net.ipv4.conf.default.rp_filter >>> contains the value that will be set for any new interface. >> >> Didn't seem to help. > > OK its working now, after I did various: > > echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter > echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter What is the kernel version ? In 2.6.31 and newer versions, because of the previous addition of "loose mode" to reverse path filtering in version 2.6.30 (see Documentation/networking/ip-sysct.txt [1]), the combination of net.ipv4.conf.$interface.rp_filter and net.ipv4.conf.all.rp_filter to produce the functional value for $interface was changed from a logical AND into an arithmetic MAX, so net.ipv4.conf.all.rp_filter must also be set to 0 to disable reverse path filtering on an interface. However it should not be necessary to set rp_filter to 0 for eth0 too if it is not used for advanced routing. > Thanks for your help, You're welcome. This is a common but tricky issue. [1] Note for myself : ask to change "conf/all/rp_filter must also be set to non-zero to do source validation on the interface" in ip-sysctl.txt which is no longer true and thus misleading. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
