IP-Forwarding
Eric Hines
eehines at comcast.net
Sat Jul 9 04:20:19 UTC 2005
Thanks. The docs help, too.
Eric Hines
Deron Meranda wrote:
>On 7/8/05, Eric Hines <eehines at comcast.net> wrote:
>
>
>>I must add the command
>>
>> echo 1 > /proc/sys/net/ipv4/ip_forward
>>
>>to the /etc/rc.d/boot.local. This person also advises that "I may want
>>to do the echo command last and include "0" in the init scripts, since
>>it opens up your network for a short time."
>>
>>
>
>As others have mentioned you can set most kernel tunables (as
>most anything under /proc/sys) by just editing /etc/sysctl.conf.
>Read up on the man pages for sysctl(1) and sysctl.conf(5).
>
>If you install the kernel documentation (yum install kernel-doc), you
>can read up on what most things do by reading the files under
>/usr/share/doc/kernel-doc-2.6.11/Documentation/sysctl/
>
>You shouldn't need to worry about exposure during boot. All your
>iptables firewall rules are loaded before the network interfaces are
>brought up. Be sure to add whatever you want to your FORWARD
>chain, and save it with iptables-save.
>
>Note that just for safety, you may want to explicitly set your IPv6
>stack to not do forwarding unless you're purposefully routing IPv6.
>See /proc/sys/net/ipv6/conf/default/forwarding
>
>
--
He can compress the most words into the smallest ideas of any man
I ever met.
- Abraham Lincoln
More information about the fedora-list
mailing list