Hi connman devs, We're running connman on a system using PTP (IEEE1588). The problem is that connman is fiddling with the rp_filter settings and activating loose mode routing (value 2) if two or more services are present. We cannot have ip_filter activated because it blocks certain PTP frames. According to this I have two questions:
1) I currently do not understand the following: Rp_filter is just a recommended security practice (RFC3704). But the connman commit message sounds like rp_filter is needed to ensure proper functionality with two or more interfaces. commit cb3e78500a2539a61d73ecb9708a2b06ea1f356d Author: Jukka Rissanen <[email protected]<mailto:[email protected]>> Date: Fri Oct 21 11:16:55 2011 +0300 service: Activate loose mode routing If more than one service is connected at the same time, then activate loose mode routing by setting the /proc/sys/net/ipv4/conf/all/rp_filter to value 2 If the loose mode routing is not activated, then packets are not routed properly if services are connected to same subnet. The original value of rp_filter is restored when the other services are disconnected and only one service is connected. For details of rp_filter setting, see Linux kernel file Documentation/networking/ip-sysctl.txt Fixes BMC#23606 What means "not routed properly"? Can we run into any problems when disabling rp_filter but having multiple interfaces/services (e.g. Ethernet and WiFi)? Is the actual reason that connman sets rp_filter because of security or are there any other reasons? 2) What is your opinion about a submitting patch which introduces a config option to never change rp_filter settings? Are there good changes to have this integrated in the main sources. Thanks, Urs _______________________________________________ connman mailing list [email protected] https://lists.connman.net/mailman/listinfo/connman
