public inbox for gentoo-dev@lists.gentoo.org
 help / color / mirror / Atom feed
* Re: [gentoo-dev] net forwarding
  2002-06-06  4:03 [gentoo-dev] net forwarding Marko Mikulicic
@ 2002-06-05 22:12 ` Spider
  2002-06-06  4:22   ` Marko Mikulicic
  2002-06-05 22:30 ` Milos Negovanovic
  1 sibling, 1 reply; 6+ messages in thread
From: Spider @ 2002-06-05 22:12 UTC (permalink / raw
  To: gentoo-dev

[-- Attachment #1: Type: text/plain, Size: 881 bytes --]

Topposting ;)

I prefer to use :
	echo "1" > /proc/sys/net/ipv4/ip_forward
instead of the sysctl variant.. and I do this both "on" and "off" in my
iptables script.. that's where I consider it "fitting"

//Spider


begin  quote
On Thu, 06 Jun 2002 00:03:04 -0400
Marko Mikulicic <marko@seul.org> wrote:

> Hello,
> 
> I didn't see any configuration file where the the ipv4 forwarding can
> be enabled. Where is the better place to do sysctl -w
> net.ipv4.ip_forward=1 ? Should I create a boot script ? Wouldn't be
> better to set a variable in /etc/conf.d/net ?
> 
> --
> Marko
> 
> _______________________________________________
> gentoo-dev mailing list
> gentoo-dev@gentoo.org
> http://lists.gentoo.org/mailman/listinfo/gentoo-dev


--
begin  .signature
This is a .signature virus! Please copy me into your .signature!
See Microsoft KB Article Q265230 for more information.
end

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [gentoo-dev] net forwarding
  2002-06-06  4:03 [gentoo-dev] net forwarding Marko Mikulicic
  2002-06-05 22:12 ` Spider
@ 2002-06-05 22:30 ` Milos Negovanovic
  1 sibling, 0 replies; 6+ messages in thread
From: Milos Negovanovic @ 2002-06-05 22:30 UTC (permalink / raw
  To: gentoo-dev

Hi,

firewall script should be the place ... ?

Milos
On Thu, 06 Jun 2002 00:03:04 -0400
Marko Mikulicic <marko@seul.org> wrote:

> Hello,
> 
> I didn't see any configuration file where the the ipv4 forwarding can be 
> enabled. Where is the better place to do sysctl -w net.ipv4.ip_forward=1 
> ? Should I create a boot script ? Wouldn't be better to set a variable 
> in /etc/conf.d/net ?
> 
> --
> Marko
> 
> _______________________________________________
> gentoo-dev mailing list
> gentoo-dev@gentoo.org
> http://lists.gentoo.org/mailman/listinfo/gentoo-dev
> 


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [gentoo-dev] net forwarding
  2002-06-06  4:22   ` Marko Mikulicic
@ 2002-06-05 23:12     ` Martin Schlemmer
  2002-06-06  2:02     ` Spider
  1 sibling, 0 replies; 6+ messages in thread
From: Martin Schlemmer @ 2002-06-05 23:12 UTC (permalink / raw
  To: Gentoo-Dev

On Thu, 2002-06-06 at 06:22, Marko Mikulicic wrote:
> Spider wrote:
> > Topposting ;)
> > 
> > I prefer to use :
> > 	echo "1" > /proc/sys/net/ipv4/ip_forward
> > instead of the sysctl variant.. and I do this both "on" and "off" in my
> > iptables script.. that's where I consider it "fitting"
> 
> may I ask you why do you prefer the /proc variant ? I have no prejudice 
> on both,
> but I'm wondering why there is some many "sysctl" based scripts
> (in other distros).
> 
>   I thought iptables was the "IP packet filter". Ip forwarding
> can be used for other things, like openvpn tunneling or other
> routing stuff which doesn't depend on iptables, right? What if I don't 
> have installed iptables ? Where it should go then ?
> 
>   I would avoid to complicate the /etc/init.d/net script. Perhaps a
> separated /etc/init.d/net_forwarding (not sure about the nomenclature) ?
> 

If /etc/sysctl.conf is present, /etc/init.d/bootmisc will
run sysctl automatically at boot.


-- 

Martin Schlemmer
Gentoo Linux Developer, Desktop Team Developer
Cape Town, South Africa




^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [gentoo-dev] net forwarding
  2002-06-06  4:22   ` Marko Mikulicic
  2002-06-05 23:12     ` Martin Schlemmer
@ 2002-06-06  2:02     ` Spider
  1 sibling, 0 replies; 6+ messages in thread
From: Spider @ 2002-06-06  2:02 UTC (permalink / raw
  To: gentoo-dev

[-- Attachment #1: Type: text/plain, Size: 1282 bytes --]

begin  quote
On Thu, 06 Jun 2002 00:22:26 -0400
Marko Mikulicic <marko@seul.org> wrote:


> may I ask you why do you prefer the /proc variant ? I have no
> prejudice on both,
> but I'm wondering why there is some many "sysctl" based scripts
> (in other distros).
less spawning of programs (fewer threads  == faster and less disk
accessing on a low-ram machine )
implementation is simpler in many cases (less prone to error since I'm
more used to shell syntax)


>   I thought iptables was the "IP packet filter". Ip forwarding
> can be used for other things, like openvpn tunneling or other
> routing stuff which doesn't depend on iptables, right? What if I don't
> have installed iptables ? Where it should go then ?

Well, net, bootmisc is one thing, but I have it in my iptables script
because thats where I tune my other firewall/network related settings,
syncookies, high/low ports and memory threshholds as well as my port
forwarding and ip forwarding rules, and ecn bit settings.


as for your idea on more scripts, I prefer to keep them less, means less
overhead and fewer points of failure in the caching mechanism..


//Spider
--
begin  .signature
This is a .signature virus! Please copy me into your .signature!
See Microsoft KB Article Q265230 for more information.
end

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread

* [gentoo-dev] net forwarding
@ 2002-06-06  4:03 Marko Mikulicic
  2002-06-05 22:12 ` Spider
  2002-06-05 22:30 ` Milos Negovanovic
  0 siblings, 2 replies; 6+ messages in thread
From: Marko Mikulicic @ 2002-06-06  4:03 UTC (permalink / raw
  To: gentoo-dev

Hello,

I didn't see any configuration file where the the ipv4 forwarding can be 
enabled. Where is the better place to do sysctl -w net.ipv4.ip_forward=1 
? Should I create a boot script ? Wouldn't be better to set a variable 
in /etc/conf.d/net ?

--
Marko



^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [gentoo-dev] net forwarding
  2002-06-05 22:12 ` Spider
@ 2002-06-06  4:22   ` Marko Mikulicic
  2002-06-05 23:12     ` Martin Schlemmer
  2002-06-06  2:02     ` Spider
  0 siblings, 2 replies; 6+ messages in thread
From: Marko Mikulicic @ 2002-06-06  4:22 UTC (permalink / raw
  To: gentoo-dev

Spider wrote:
> Topposting ;)
> 
> I prefer to use :
> 	echo "1" > /proc/sys/net/ipv4/ip_forward
> instead of the sysctl variant.. and I do this both "on" and "off" in my
> iptables script.. that's where I consider it "fitting"

may I ask you why do you prefer the /proc variant ? I have no prejudice 
on both,
but I'm wondering why there is some many "sysctl" based scripts
(in other distros).

  I thought iptables was the "IP packet filter". Ip forwarding
can be used for other things, like openvpn tunneling or other
routing stuff which doesn't depend on iptables, right? What if I don't 
have installed iptables ? Where it should go then ?

  I would avoid to complicate the /etc/init.d/net script. Perhaps a
separated /etc/init.d/net_forwarding (not sure about the nomenclature) ?

--
Marko




^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2002-06-06  2:03 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-06-06  4:03 [gentoo-dev] net forwarding Marko Mikulicic
2002-06-05 22:12 ` Spider
2002-06-06  4:22   ` Marko Mikulicic
2002-06-05 23:12     ` Martin Schlemmer
2002-06-06  2:02     ` Spider
2002-06-05 22:30 ` Milos Negovanovic

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox