Disable forced Reverse Path filtering
Minifirewall enable the Reverse Path filtering each time the init script is executed :
# Enable Reverse Path filtering : verify if responses use same network interface for i in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 > $i done
But VRRP needs it to be disabled. To simply re-disable it within minifirewall.conf instead of commenting out this part of the init script does not work : the fact that it is enabled, even for one second, is enough to break VRRP.
The problem is that this script is not made to be customized : an update of the init script could remove the comments. Then, a restart of minifirewall would break VRRP.
I think in Debian, the default value is already at 1. This configuration was already there at the first commit in 2009, so I do not know the need, but do we really need to enable Reverse Path filtering ?
Deleting a branch is permanent. It CANNOT be undone. Continue?