Home Explore Help
Sign In
GfA
/
linux_kernel
5
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

ip: update the description of rp_filter in ip-sysctl.txt

The commit 27fed4175acf81ddd91d9a4ee2fd298981f60295 (ip: fix logic of
reverse path filter sysctl) has changed the logic of rp_filter.  The
document about rp_filter is out of date. Now, setting
conf/all/rp_filte with 0 can also enable source validation.

Update the document according to the commit.

Signed-off-by: Shan Wei <shanwei@cn.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Shan Wei 16 years ago
parent
529fab67d7
commit
1f5865e73f
1 changed files with 2 additions and 2 deletions
Unified View Show Diff Stats
  1. 2 2
      Documentation/networking/ip-sysctl.txt

+ 2 - 2
Documentation/networking/ip-sysctl.txt
View File 

@@ -738,8 +738,8 @@ rp_filter - INTEGER
 
 	to prevent IP spoofing from DDos attacks. If using asymmetric routing
 
 	to prevent IP spoofing from DDos attacks. If using asymmetric routing
 
 	or other complicated routing, then loose mode is recommended.
 
 	or other complicated routing, then loose mode is recommended.
 
 
 
-	conf/all/rp_filter must also be set to non-zero to do source validation
 
-	on the interface
 
+	The max value from conf/{all,interface}/rp_filter is used
 
+	when doing source validation on the {interface}.
 
 
 
 	Default value is 0. Note that some distributions enable it
 
 	Default value is 0. Note that some distributions enable it
 
 	in startup scripts.
 
 	in startup scripts.