Hi,
On jeu, sep 29, 2005, ??????? ??????? wrote:
> I have two vlan interfaces and one satellite interface.
> sputnik is satellite iface.
> net.ipv4.conf.sputnik.rp_filter shold be set to 0, which is done by
> this line in /etc/network/interfaces:
> post-up /sbin/sysctl -w net.ipv4.conf.sputnik.rp_filter=0
This is one ugly way of doing it, and should work.
> system was converted to using vlans a month ago, and today
> i was disappointed by a fact what rp_filter does not set to 0
> on 'ifup sputnik'.
> it turns out what /etc/network/if-up.d/ip set this sysctl on it's own,
> and i need additional parameter in /etc/network/interfaces
> specifically to tell vlan's ip script to set rp_filter.
The /etc/network/if-up.d/ip script will only change settings *IF* you
set them. "if [ -n "$IF_IP_PROXY_ARP" ]" means that the code will only
run if something is written in IF_IP_PROXY_ARP, that is if you
configured ip_proxy_arp in your interfaces file.
However, please note that rp_filter only makes sense for IP interfaces.
If you don't have any IP address on your interface, I suppose
rp_filter won't work.
> I suggest what /etc/network/if-up.d/ip should act only on vlan interfaces,
> checking them in a manner if-pre-up.d/vlan script does.
I think that /etc/network/if-up.d/ip applies in general to all people
wanting to use proxy_arp and/or rp_filter. This applies to people with
DMZ or multiple internet connections for example, and these people
don't necessarily use vlans. Hence, I think this script should be in
ifupdown, as the comment points out:
# This should probably go into ifupdown
# But usually only those with lots of interfaces (vlans) need these
... but this is a separate problem.
Could you explain your original problem? I don't think
/etc/network/if-up.d/ip is messing with your "post-up" stanza, could
you please the complete definition of your interface and run:
cat /proc/sys/net/ipv4/conf/sputnik/rp_filter
after ifuping your interface?
Thanks,
--
Loïc Minier <[EMAIL PROTECTED]>
