* Re: [gentoo-dev] net forwarding
2002-06-06 4:03 [gentoo-dev] net forwarding Marko Mikulicic
@ 2002-06-05 22:12 ` Spider
2002-06-06 4:22 ` Marko Mikulicic
2002-06-05 22:30 ` Milos Negovanovic
1 sibling, 1 reply; 6+ messages in thread
From: Spider @ 2002-06-05 22:12 UTC (permalink / raw
To: gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 881 bytes --]
Topposting ;)
I prefer to use :
echo "1" > /proc/sys/net/ipv4/ip_forward
instead of the sysctl variant.. and I do this both "on" and "off" in my
iptables script.. that's where I consider it "fitting"
//Spider
begin quote
On Thu, 06 Jun 2002 00:03:04 -0400
Marko Mikulicic <marko@seul.org> wrote:
> Hello,
>
> I didn't see any configuration file where the the ipv4 forwarding can
> be enabled. Where is the better place to do sysctl -w
> net.ipv4.ip_forward=1 ? Should I create a boot script ? Wouldn't be
> better to set a variable in /etc/conf.d/net ?
>
> --
> Marko
>
> _______________________________________________
> gentoo-dev mailing list
> gentoo-dev@gentoo.org
> http://lists.gentoo.org/mailman/listinfo/gentoo-dev
--
begin .signature
This is a .signature virus! Please copy me into your .signature!
See Microsoft KB Article Q265230 for more information.
end
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [gentoo-dev] net forwarding
2002-06-06 4:03 [gentoo-dev] net forwarding Marko Mikulicic
2002-06-05 22:12 ` Spider
@ 2002-06-05 22:30 ` Milos Negovanovic
1 sibling, 0 replies; 6+ messages in thread
From: Milos Negovanovic @ 2002-06-05 22:30 UTC (permalink / raw
To: gentoo-dev
Hi,
firewall script should be the place ... ?
Milos
On Thu, 06 Jun 2002 00:03:04 -0400
Marko Mikulicic <marko@seul.org> wrote:
> Hello,
>
> I didn't see any configuration file where the the ipv4 forwarding can be
> enabled. Where is the better place to do sysctl -w net.ipv4.ip_forward=1
> ? Should I create a boot script ? Wouldn't be better to set a variable
> in /etc/conf.d/net ?
>
> --
> Marko
>
> _______________________________________________
> gentoo-dev mailing list
> gentoo-dev@gentoo.org
> http://lists.gentoo.org/mailman/listinfo/gentoo-dev
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [gentoo-dev] net forwarding
2002-06-06 4:22 ` Marko Mikulicic
@ 2002-06-05 23:12 ` Martin Schlemmer
2002-06-06 2:02 ` Spider
1 sibling, 0 replies; 6+ messages in thread
From: Martin Schlemmer @ 2002-06-05 23:12 UTC (permalink / raw
To: Gentoo-Dev
On Thu, 2002-06-06 at 06:22, Marko Mikulicic wrote:
> Spider wrote:
> > Topposting ;)
> >
> > I prefer to use :
> > echo "1" > /proc/sys/net/ipv4/ip_forward
> > instead of the sysctl variant.. and I do this both "on" and "off" in my
> > iptables script.. that's where I consider it "fitting"
>
> may I ask you why do you prefer the /proc variant ? I have no prejudice
> on both,
> but I'm wondering why there is some many "sysctl" based scripts
> (in other distros).
>
> I thought iptables was the "IP packet filter". Ip forwarding
> can be used for other things, like openvpn tunneling or other
> routing stuff which doesn't depend on iptables, right? What if I don't
> have installed iptables ? Where it should go then ?
>
> I would avoid to complicate the /etc/init.d/net script. Perhaps a
> separated /etc/init.d/net_forwarding (not sure about the nomenclature) ?
>
If /etc/sysctl.conf is present, /etc/init.d/bootmisc will
run sysctl automatically at boot.
--
Martin Schlemmer
Gentoo Linux Developer, Desktop Team Developer
Cape Town, South Africa
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [gentoo-dev] net forwarding
2002-06-06 4:22 ` Marko Mikulicic
2002-06-05 23:12 ` Martin Schlemmer
@ 2002-06-06 2:02 ` Spider
1 sibling, 0 replies; 6+ messages in thread
From: Spider @ 2002-06-06 2:02 UTC (permalink / raw
To: gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 1282 bytes --]
begin quote
On Thu, 06 Jun 2002 00:22:26 -0400
Marko Mikulicic <marko@seul.org> wrote:
> may I ask you why do you prefer the /proc variant ? I have no
> prejudice on both,
> but I'm wondering why there is some many "sysctl" based scripts
> (in other distros).
less spawning of programs (fewer threads == faster and less disk
accessing on a low-ram machine )
implementation is simpler in many cases (less prone to error since I'm
more used to shell syntax)
> I thought iptables was the "IP packet filter". Ip forwarding
> can be used for other things, like openvpn tunneling or other
> routing stuff which doesn't depend on iptables, right? What if I don't
> have installed iptables ? Where it should go then ?
Well, net, bootmisc is one thing, but I have it in my iptables script
because thats where I tune my other firewall/network related settings,
syncookies, high/low ports and memory threshholds as well as my port
forwarding and ip forwarding rules, and ecn bit settings.
as for your idea on more scripts, I prefer to keep them less, means less
overhead and fewer points of failure in the caching mechanism..
//Spider
--
begin .signature
This is a .signature virus! Please copy me into your .signature!
See Microsoft KB Article Q265230 for more information.
end
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* [gentoo-dev] net forwarding
@ 2002-06-06 4:03 Marko Mikulicic
2002-06-05 22:12 ` Spider
2002-06-05 22:30 ` Milos Negovanovic
0 siblings, 2 replies; 6+ messages in thread
From: Marko Mikulicic @ 2002-06-06 4:03 UTC (permalink / raw
To: gentoo-dev
Hello,
I didn't see any configuration file where the the ipv4 forwarding can be
enabled. Where is the better place to do sysctl -w net.ipv4.ip_forward=1
? Should I create a boot script ? Wouldn't be better to set a variable
in /etc/conf.d/net ?
--
Marko
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [gentoo-dev] net forwarding
2002-06-05 22:12 ` Spider
@ 2002-06-06 4:22 ` Marko Mikulicic
2002-06-05 23:12 ` Martin Schlemmer
2002-06-06 2:02 ` Spider
0 siblings, 2 replies; 6+ messages in thread
From: Marko Mikulicic @ 2002-06-06 4:22 UTC (permalink / raw
To: gentoo-dev
Spider wrote:
> Topposting ;)
>
> I prefer to use :
> echo "1" > /proc/sys/net/ipv4/ip_forward
> instead of the sysctl variant.. and I do this both "on" and "off" in my
> iptables script.. that's where I consider it "fitting"
may I ask you why do you prefer the /proc variant ? I have no prejudice
on both,
but I'm wondering why there is some many "sysctl" based scripts
(in other distros).
I thought iptables was the "IP packet filter". Ip forwarding
can be used for other things, like openvpn tunneling or other
routing stuff which doesn't depend on iptables, right? What if I don't
have installed iptables ? Where it should go then ?
I would avoid to complicate the /etc/init.d/net script. Perhaps a
separated /etc/init.d/net_forwarding (not sure about the nomenclature) ?
--
Marko
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2002-06-06 2:03 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-06-06 4:03 [gentoo-dev] net forwarding Marko Mikulicic
2002-06-05 22:12 ` Spider
2002-06-06 4:22 ` Marko Mikulicic
2002-06-05 23:12 ` Martin Schlemmer
2002-06-06 2:02 ` Spider
2002-06-05 22:30 ` Milos Negovanovic
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox