Disable forced Reverse Path filtering #7
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Minifirewall enable the Reverse Path filtering each time the init script is executed :
But VRRP needs it to be disabled. To simply re-disable it within minifirewall.conf instead of commenting out this part of the init script does not work : the fact that it is enabled, even for one second, is enough to break VRRP.
The problem is that this script is not made to be customized : an update of the init script could remove the comments. Then, a restart of minifirewall would break VRRP.
I think in Debian, the default value is already at 1. This configuration was already there at the first commit in 2009, so I do not know the need, but do we really need to enable Reverse Path filtering ?
Yes, we need enable it by default.
We should have RP_FILTER variable to force it to 0 in rare case when needed.