2013-12-03 16:12:37 +04:00
|
|
|
# ip forwarding (default = 0)
|
|
|
|
net.ipv4.ip_forward = 0
|
|
|
|
# filtering by source IP address (default = 0)
|
|
|
|
net.ipv4.conf.all.rp_filter = 1
|
|
|
|
net.ipv4.conf.default.rp_filter = 1
|
|
|
|
# ICMP-messages for routes (default = 1)
|
|
|
|
net.ipv4.conf.default.accept_redirects = 0
|
|
|
|
# enable secure redirects (default = 1)
|
|
|
|
net.ipv4.conf.all.secure_redirects = 1
|
|
|
|
# forbid sender to define route (default = 0)
|
|
|
|
net.ipv4.conf.default.accept_source_route = 0
|
2014-10-20 10:07:01 +04:00
|
|
|
# Invalidate / discard packets when the route for outbound
|
|
|
|
# traffic differs from the route of incoming traffic
|
|
|
|
net.ipv4.conf.default.rp_filter = 1
|
|
|
|
net.ipv4.conf.all.rp_filter = 1
|