Documentation: networking: ip-sysctl: Document src_valid_mark sysctl
Provide documentation for src_valid_mark sysctl, which was added
in commit 28f6aeea3f ("net: restore ip source validation").
Signed-off-by: Jay Vosburgh <jay.vosburgh@canonical.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Jay Vosburgh
David S. Miller
Родитель
1e2e61af19
Коммит
8cf5d8cc3e
|
|
@ -1446,6 +1446,25 @@ rp_filter - INTEGER
|
|||
Default value is 0. Note that some distributions enable it
|
||||
in startup scripts.
|
||||
|
||||
src_valid_mark - BOOLEAN
|
||||
- 0 - The fwmark of the packet is not included in reverse path
|
||||
route lookup. This allows for asymmetric routing configurations
|
||||
utilizing the fwmark in only one direction, e.g., transparent
|
||||
proxying.
|
||||
|
||||
- 1 - The fwmark of the packet is included in reverse path route
|
||||
lookup. This permits rp_filter to function when the fwmark is
|
||||
used for routing traffic in both directions.
|
||||
|
||||
This setting also affects the utilization of fmwark when
|
||||
performing source address selection for ICMP replies, or
|
||||
determining addresses stored for the IPOPT_TS_TSANDADDR and
|
||||
IPOPT_RR IP options.
|
||||
|
||||
The max value from conf/{all,interface}/src_valid_mark is used.
|
||||
|
||||
Default value is 0.
|
||||
|
||||
arp_filter - BOOLEAN
|
||||
- 1 - Allows you to have multiple network interfaces on the same
|
||||
subnet, and have the ARPs for each interface be answered
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче