no (0) - No source validation.
strict (1) - If the interface is not the best reverse path the packet check will fail.
loose (2) - If the source address is not reachable via any interface the packet check will fail.
no (0) - No source validation.
strict (1) - If the interface is not the best reverse path the packet check will fail.
loose (2) - If the source address is not reachable via any interface the packet check will fail.
# sysctl -a | grep rp_filter
# sysctl -w net.ipv4.conf.<interface>.rp_filter=<value>
Settando rp_filter a 0 o a 2 su un interfaccia e' necessario che net.ipv4.conf.all.rp_filter sia a 0:
# sysctl -w net.ipv4.conf.all.rp_filter=0
Modificare il file /etc/sysctl.d/30-rp_filter.conf con i valori desiderati. Ad esempio:
net.ipv4.conf.all.rp_filter=0 net.ipv4.conf.eth0.rp_filter=2
Occhio al rp_filter - https://www.mail-archive.com/wireless%40ml.ninux.org/msg11106.html
RFC 3704 (Ingress Filtering for Multihomed Networks) - https://datatracker.ietf.org/doc/rfc3704/