diff options
| author | Eric Garver <e@erig.me> | 2016-05-26 12:28:05 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2016-05-29 22:40:53 -0700 |
| commit | 176b346b37f0b9c03e91eb6f1460e00f3c0c3edf (patch) | |
| tree | 39a55fd3ad282c635a9d19eb558e73b361f90894 | |
| parent | 68bb399e656f244d3d173a20a8280c167632fca8 (diff) | |
| download | linux-176b346b37f0b9c03e91eb6f1460e00f3c0c3edf.tar.gz | |
Documentation: ip-sysctl.txt: clarify secure_redirects
Clarify how secure_redirects works. Mention that RFC1122 always applies. Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | Documentation/networking/ip-sysctl.txt | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt index 6c7f365b1515..9ae929395b24 100644 --- a/Documentation/networking/ip-sysctl.txt +++ b/Documentation/networking/ip-sysctl.txt @@ -1036,15 +1036,17 @@ proxy_arp_pvlan - BOOLEAN shared_media - BOOLEAN Send(router) or accept(host) RFC1620 shared media redirects. - Overrides ip_secure_redirects. + Overrides secure_redirects. shared_media for the interface will be enabled if at least one of conf/{all,interface}/shared_media is set to TRUE, it will be disabled otherwise default TRUE secure_redirects - BOOLEAN - Accept ICMP redirect messages only for gateways, - listed in default gateway list. + Accept ICMP redirect messages only to gateways listed in the + interface's current gateway list. Even if disabled, RFC1122 redirect + rules still apply. + Overridden by shared_media. secure_redirects for the interface will be enabled if at least one of conf/{all,interface}/secure_redirects is set to TRUE, it will be disabled otherwise |