LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-01-2008, 02:05 AM   #1
noriko_q
LQ Newbie
 
Registered: Mar 2008
Posts: 3

Rep: Reputation: 0
how to disable ip forwarding?


Hi,

I m using SUSE Enterprise Server 9.
Not sure if anyone could guide me on how to disable the IP forwarding.

went to /proc/sys/net/ipv4/conf/eth0/accept_redirects to set it to 0 and /sbin/sysctl -w net.ipv4.conf.eth1.accept_redirects=0
but once i reboot the system it will enable again.

how can i set it permanently.
 
Old 04-01-2008, 02:29 AM   #2
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671
Don't you want to change
/proc/sys/net/ipv4/ip_forward?

Either disable forwarding in YaST2 or edit /etc/sysconfig/sysctl.
 
Old 04-01-2008, 11:14 PM   #3
noriko_q
LQ Newbie
 
Registered: Mar 2008
Posts: 3

Original Poster
Rep: Reputation: 0
other than that ,i also need to disable the /proc/sys/net/ipv4/conf/eth0/accept_redirects, send_ redirects and accept_source_route. Do u know what should i do to permantently disable them.
 
Old 04-01-2008, 11:45 PM   #4
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671
I grep'ed the files in /etc that source /etc/sysconfig/sysctl:

Code:
/etc/rc.d/boot.d/S08boot.localfs:. /etc/sysconfig/sysctl
/etc/rc.d/boot.d/K14boot.localfs:. /etc/sysconfig/sysctl
/etc/rc.d/boot.d/K10boot.ipconfig:. /etc/sysconfig/sysctl
/etc/rc.d/boot.d/K12boot.proc:. /etc/sysconfig/sysctl
/etc/rc.d/boot.d/S12boot.ipconfig:. /etc/sysconfig/sysctl
/etc/rc.d/boot.proc:. /etc/sysconfig/sysctl
/etc/rc.d/boot.ipconfig:. /etc/sysconfig/sysctl
/etc/rc.d/boot.localfs:. /etc/sysconfig/sysctl
/etc/rc.d/boot.sysctl:. /etc/sysconfig/sysctl
/etc/rc.d/boot.sysctl:  # in /etc/sysconfig/sysctl
Either add the echo commands you need to /etc/init.d/boot.local or /etc/rc.d/boot.ipconfig:
Code:
   #
   # Enable IP forwarding ?
   #
   if test -e /proc/sys/net/ipv4/ip_forward -a -n "$IP_FORWARD" ; then
    case $IP_FORWARD in
      yes)
        echo -n "Enabling IP forwarding"
        echo "1" > /proc/sys/net/ipv4/ip_forward
      ;;
      *)
        echo -n "Disabling IP forwarding"
        echo "0" > /proc/sys/net/ipv4/ip_forward
        echo "0" > /proc/sys/net/ipv4/conf/eth0/accept_redirects
        echo "0" > /proc/sys/net/ipv4/conf/eth1/accept_redirects
      ;;
    esac
    rc_status -v -r
boot.local sounds a bit more proper to me but boot.ipconfig would allow you to disable these items if you disable IP_FORWARD in /etc/sysconfig/sysctl.
 
Old 04-01-2008, 11:50 PM   #5
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671
These settings may be better instead of per interface settings:
Code:
echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects

echo 0 > /proc/sys/net/ipv6/conf/all/accept_redirects
echo 0 > /proc/sys/net/ipv6/conf/all/send_redirects
Editing /etc/sysctl.conf may also work as well.

Last edited by jschiwal; 04-01-2008 at 11:55 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
dbx command for corrosponding commands disable or disable on gdb bshankha AIX 0 09-26-2006 09:38 AM
Simple Port Forwarding Firewall - not forwarding MadTurki Linux - Security 14 04-09-2006 12:08 PM
what are the services i can disable, also disable ads, banners in konqueror? greythorne SUSE / openSUSE 3 03-16-2005 08:30 AM
Internet slow down! how to disable packet forwarding? Creeps Linux - Networking 7 09-16-2004 02:07 AM
port forwarding and packet forwarding syrtsardo Linux - Newbie 2 07-03-2003 10:37 AM


All times are GMT -5. The time now is 02:08 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration