LinuxQuestions.org


LQSlacker 08-19-2016 09:48 PM

Strange Behaviour with /etc/sysctl.conf
 
Does sysctl.conf need a startup option like below for rc.local to work properly?

# Configure runtime kernel parameters:
if [ -x /sbin/sysctl -a -r /etc/sysctl.conf ]; then
  /sbin/sysctl -e -p /etc/sysctl.conf
fi

If I don't use the startup in rc.local I do see options being loaded when I restart the computer, but two of my options in the sysctl.conf aren't being loaded, and I don't understand why.

These are the two that don't get loaded unless I use the start option in the rc.local:

net.ipv4.conf.all.log_martians
net.ipv4.conf.all.rp_filter

Why is this happening?


These are the options I have in /etc/sysctl.conf

# Debug Crashed Linux Application Core Files
kernel.core_uses_pid = 1
kernel.core_pattern = /tmp/core-%e-%s-%u-%g-%p-%t
fs.suid_dumpable = 2

# kptr_restrict
# This toggle indicates whether restrictions
# are placed on exposing kernel addresses via
# /proc and other interfaces.
kernel.kptr_restrict = 2

# Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0

# Log suspicious martian packets
net.ipv4.conf.all.log_martians = 1

# reverse path filtering
# check whether a receiving packet source address is routable
# = 1 indicates, that the kernel will do source validation by confirming reverse path
net.ipv4.conf.all.rp_filter = 1

# Disables sending of all IPv4 ICMP redirected packets on all interfaces
net.ipv4.conf.all.send_redirects = 0

# Disables IP source routing
net.ipv4.conf.default.accept_source_route = 0

# Turn off the tcp_timestamps
net.ipv4.tcp_timestamps = 0

ml4711 08-20-2016 03:42 AM

sysctl is called from rc.S

But those parameters you mentioned
are not available before the network is up and running.

So it has to be done later.

See rc.ip_forward as an example of how sysctl is called again later.

Cheers
Morten

LQSlacker 08-20-2016 05:22 PM

I noticed with dhcp client and not using the NetworkManager or wicd this is getting loaded...

I assumed between dhcp client, NetworkManager or wicd, it's all being loaded at the same time as the network?

Rather than running the start cmd out of rc.local, which seems redundant to run over what's already loaded, is there a way to just load what isn't?

ml4711 08-21-2016 01:44 AM

Quote:

Rather than running the start cmd out of rc.local, which seems redundant
to run over what's already loaded, is there a way to just load what isn't?

Code:

/sbin/sysctl net.ipv4.conf.all.log_martians=1
/sbin/sysctl net.ipv4.conf.all.rp_filter=1

Note: no space around "="

Cheers
Morten

LQSlacker 08-21-2016 04:32 PM

Actually after making my last reply I realized I could do this;

/etc/sysctl.d/network.conf

net.ipv4.conf.all.log_martians = 1
net.ipv4.conf.all.rp_filter = 1


Then in rc.local;

# Start additional kernel parameters
sysctl -p /etc/sysctl.d/network.conf
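
An added example, not part of any post in this thread: a POSIX shell check for the question raised above, listing which settings in a sysctl.conf-style file are not in effect at runtime so that only those need setting again. The names `norm`, `sysctl_drift` and the `PROC_ROOT` override are made up for this example.

```sh
#!/bin/sh
# Added example (not from the thread): list the settings in a sysctl.conf-style
# file whose live value is missing or different, as key=value lines on stdout.
# PROC_ROOT is a hypothetical override so the check can run against a test tree.

# Collapse runs of whitespace and trim both ends (/proc/sys values may use tabs).
norm() {
    printf '%s' "$1" | tr -s '[:space:]' ' ' | sed 's/^ //; s/ $//'
}

sysctl_drift() {
    conf="$1"
    root="${PROC_ROOT:-/proc/sys}"
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(norm "$line")
        case "$line" in
            ''|'#'*|';'*) continue ;;   # blank lines and comments
            *=*) ;;                      # key = value
            *) continue ;;               # not a setting
        esac
        key=$(norm "${line%%=*}")
        want=$(norm "${line#*=}")
        # Dotted key -> path under /proc/sys. Interface names that themselves
        # contain dots are not handled by this simple mapping.
        path="$root/$(printf '%s' "$key" | tr . /)"
        if [ -r "$path" ]; then
            have=$(norm "$(cat "$path")")
        else
            have='<not present yet>'
        fi
        if [ "$have" != "$want" ]; then
            printf '%s=%s\n' "$key" "$want"
            printf 'drift: %s wanted "%s" got "%s"\n' "$key" "$want" "$have" >&2
        fi
    done < "$conf"
}

# When run with a file argument, report what is not applied from that file.
if [ $# -gt 0 ]; then
    sysctl_drift "$1"
fi
```

Run from rc.local after the network is up, each key=value line on stdout can be handed to /sbin/sysctl -w as a single argument, which is the no-spaces form shown earlier in the thread.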

