diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2009-08-26 10:00:38 -0500 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2018-05-31 22:41:17 +0200 |
commit | 5a12e7c134274dba706667107d10d231517d3e05 (patch) | |
tree | 55718d5acb710fde798d9f38d0bbaf594ed4b296 /source/n/network-scripts/scripts/rc.ip_forward | |
download | current-5a12e7c134274dba706667107d10d231517d3e05.tar.gz |
Slackware 13.0slackware-13.0
Wed Aug 26 10:00:38 CDT 2009
Slackware 13.0 x86_64 is released as stable! Thanks to everyone who
helped make this release possible -- see the RELEASE_NOTES for the
credits. The ISOs are off to the replicator. This time it will be a
6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD.
We're taking pre-orders now at store.slackware.com. Please consider
picking up a copy to help support the project. Once again, thanks to
the entire Slackware community for all the help testing and fixing
things and offering suggestions during this development cycle.
As always, have fun and enjoy! -P.
Diffstat (limited to 'source/n/network-scripts/scripts/rc.ip_forward')
-rw-r--r-- | source/n/network-scripts/scripts/rc.ip_forward | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/source/n/network-scripts/scripts/rc.ip_forward b/source/n/network-scripts/scripts/rc.ip_forward new file mode 100644 index 00000000..8940dc2c --- /dev/null +++ b/source/n/network-scripts/scripts/rc.ip_forward @@ -0,0 +1,78 @@ +#!/bin/sh +# /etc/rc.d/rc.ip_forward: start/stop IP packet forwarding +# +# If you intend to run your Linux box as a router, i.e. as a +# computer that forwards and redistributes network packets, you +# will need to enable IP packet forwarding in your kernel. +# +# To activate IP packet forwarding at boot time, make this +# script executable: chmod 755 /etc/rc.d/rc.ip_forward +# +# To disable IP packet forwarding at boot time, make this +# script non-executable: chmod 644 /etc/rc.d/rc.ip_forward + +# Start IP packet forwarding: +ip_forward_start() { + if [ -f /proc/sys/net/ipv4/ip_forward ]; then + echo "Activating IPv4 packet forwarding." + echo 1 > /proc/sys/net/ipv4/ip_forward + # Changing /proc/sys/net/ipv4/ip_forward results in resetting all + # non-default ipv4 parameters for the interface as mentioned in + # /usr/src/linux/Documentation/networking/ip-sysctl.txt. So, we + # will reapply any ipv4 sysctl parameters now: + if [ -r /etc/sysctl.conf ]; then + /bin/grep ipv4 /etc/sysctl.conf | sysctl -p - 1> /dev/null 2> /dev/null + fi + fi + # When using IPv4 packet forwarding, you will also get the + # rp_filter, which automatically rejects incoming packets if the + # routing table entry for their source address doesn't match the + # network interface they're arriving on. This has security + # advantages because it prevents the so-called IP spoofing, + # however it can pose problems if you use asymmetric routing + # (packets from you to a host take a different path than packets + # from that host to you) or if you operate a non-routing host + # which has several IP addresses on different interfaces. To + # turn rp_filter off, uncomment the lines below: + #if [ -r /proc/sys/net/ipv4/conf/all/rp_filter ]; then + # echo "Disabling rp_filter." + # echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter + #fi +} + +# Stop IP packet forwarding: +ip_forward_stop() { + if [ -f /proc/sys/net/ipv4/ip_forward ]; then + echo "Disabling IPv4 packet forwarding." + echo 0 > /proc/sys/net/ipv4/ip_forward + # Changing /proc/sys/net/ipv4/ip_forward results in resetting all + # non-default ipv4 parameters for the interface as mentioned in + # /usr/src/linux/Documentation/networking/ip-sysctl.txt. So, we + # will reapply any ipv4 sysctl parameters now: + if [ -r /etc/sysctl.conf ]; then + /bin/grep ipv4 /etc/sysctl.conf | sysctl -p - 1> /dev/null 2> /dev/null + fi + fi +} + +# Restart IP packet forwarding: +ip_forward_restart() { + ip_forward_stop + sleep 1 + ip_forward_start +} + +case "$1" in +'start') + ip_forward_start + ;; +'stop') + ip_forward_stop + ;; +'restart') + ip_forward_restart + ;; +*) + echo "usage $0 start|stop|restart" +esac + |