oriolrius.cat

Des del 2000 compartiendo sobre…

rp_filter Linux kernel feature

Reading time: 1 – 2 minutes

It’s just an IP spoofing protection which is by default enabled on Linux kernels. When it’s value is ‘1’ means that all IP address which are not directly routable and received form a network interface they are directly discarded.

So, if you want to scan a range of IP address in your LAN which not belong to that interface address space when packets from IP addresses are received they are going to be discarded by the kernel. So, take that into account when you have those “unusual” requirements.

It can be enable/disabled by all interfaces or just one:

root@mini9:/proc/sys/net/ipv4# cat ./conf/all/rp_filter
1
root@mini9:/proc/sys/net/ipv4# cat ./conf/ztly5q4n37/rp_filter
1

Comments are closed.

Últimas entradas

Avui ja n’he fet 20

Reading time: < 1 minute Aprofito aquesta entrada per comentar una nova efemèride s’ha produït avui mateix. Ja que després de 46 anys menys dos dies he visitat de nou l’hospital on vaig néixer. Aquest cop per fer-me unes radiografies

Leer más »

Resumen 2022

Reading time: 26 – 42 minutes El 2022 empezó esquiando en Candanchú. Un fin de año en familia y con una COVID que se iba despidiendo después de habernos cambiado la vida a todos. Hemos tenido la fortuna de que

Leer más »

Deploying gotop with Ansible

Reading time: 1 – 2 minutes Gotop is a terminal based graphical activity monitor inspired by gtop and vtop; it’s available at: https://github.com/xxxserxxx/gotop/ I published a role in Ansible Galaxy for deploying gotop in Linux servers. The role page in

Leer más »
Archivo