2011/9/29 Ben Hutchings <b...@decadent.org.uk> > On Thu, Sep 29, 2011 at 10:24:36PM +0200, Alexandre Chapellon wrote: > > Package: linux-2.6 > > Version: 3.0.0-3 > > Severity: normal > > > > Dear Maintainer, > > > > I have a vpn gateway that periodically sends icmp redirects to the hosts > of my > > network (when renegociating tunnels), I configured hosts not to accepts > > reidrects by uncommenting the default directive found in sysctl.conf: > > > > net.ipv4.conf.all.accept_redirects = 0 > > Settings under net.ipv4.conf.all should affect all currently > existing interfaces, but not newly created interfaces. > > [...] > > If i try to echo the value in the proc filesystem, It's no better: > > root@elronde:/home/alxgomzecho 0 > > /proc/sys/net/ipv4/conf/all/accept_redirects > > root@elronde:/home/alxgomz# cat > /proc/sys/net/ipv4/conf/*/accept_redirects > > 0 > > 1 > > 1 > > 1 > > 1 > > > > Where I expected this to put all interfaces to zero. > > That is what I would expect, too. Were any network interfaces > created in between running those two commands? > > nope, none
> > the entry ./default/accept_redirects seems to work as expected. > > Settings under net.ipv4.conf.default should affect all newly created > interfaces, but not any currently existing interfaces. > And that's what it does. > > > I have seen the same behaviour for other proc entries such as > send_redirects > > and notices the bug #630650 that is maybe related. > [...] > > Report #630650 is incoherent. > > Ben. > > -- > Ben Hutchings > We get into the habit of living before acquiring the habit of thinking. > - Albert Camus >
