Tom Eastep wrote: > In kernel 2.6.31, the handling of the rp_filter interface option was > changed incompatibly. Previously, the effective value was determined > by the setting of net.ipv4.config.dev.proxy_arp logically ANDed with > the setting of net.ipv4.config.all.proxy_arp. > > Beginning with kernel 2.6.31, the value is the arithmetic MAX of > those two values. Additionally, a 'loose' routefiltering facility is now > enabled by setting the effective value of proxy_arp to 2. > > Given that Shorewall sets net.ipv4.config.all.proxy_arp to 1 if > there are any interfaces specifying 'routefilter', specifying > 'routefilter' on any interface has the effect of setting the option > on all interfaces.
All above is about rp_filter option, not about proxy_arp, or I don't understand. :) Best regards Andrzej Odyniec ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
