Re: Source routing is broken
by Kok
No, /etc/sysctl.d is the correct location for it. A quick scan shows
it's looking in the folder when it runs.
We do disable source source routing by default in clearlinux, as is set
in /usr/lib/sysctl.d/50-default.conf:
# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.*.accept_source_route = 0
-net.ipv4.conf.all.accept_source_route
I wonder if there's an ordering issue.
On 11/18/21 03:52, Omkhar Arasaratnam wrote:
> As a follow up, setting this in /etc/sysctl.d does not persist
> accept_source_route post reboot - does Clear expect this to be in a
> different directory?
>
> --oa
>
>
> On Tue, Nov 16, 2021 at 1:58 PM Omkhar Arasaratnam <omkhar(a)gmail.com> wrote:
>
>> got it - or I suppose sticking a file in /etc/sysctl.d with the following
>> statement will re-enable it for all interfaces:
>>
>> /etc/sysctl.d/40-source-routing-enable.conf
>> net.ipv4.conf.all.accept_source_route=1
>>
>>
>> On Tue, Nov 16, 2021 at 9:48 AM Arjan van de Ven <arjan(a)linux.intel.com>
>> wrote:
>>
>>> On 11/14/2021 3:54 AM, Omkhar Arasaratnam wrote:
>>>> I've noticed that source routing has been broken over the last couple of
>>>> weeks (bug: https://github.com/clearlinux/distribution/issues/2475 )
>>>>
>>>> This seems to happen periodically, source routing will fail and for some
>>>> reason it will start working a few builds later. Any thoughts>
>>>
>>> /proc/sys $ cat ./net/ipv4/conf/*/accept_source_route
>>> 0
>>> 0
>>> 0
>>> 0
>>>
>>>
>>> that proc tunable needs to be 1 for source routing to work;
>>> my guess is the upstream security side defaults it to 0 now
>>> _______________________________________________
>>> Dev mailing list -- dev(a)lists.clearlinux.org
>>> To unsubscribe send an email to dev-leave(a)lists.clearlinux.org
>>>
> _______________________________________________
> Dev mailing list -- dev(a)lists.clearlinux.org
> To unsubscribe send an email to dev-leave(a)lists.clearlinux.org
1 year
- 1
- 1