rp_filter is off by _kernel_ default. (Some distributions turn it on in startup scripts.)

The following text from net/ipv4/Kconfig is confusing. (It seems one distribution maintainer thinks rp_filter is on by kernel default.)

"config IP_ADVANCED_ROUTER
[..........]
If you turn on IP forwarding, you will also get the rp_filter, which automatically rejects incoming packets if the routing table entry for their source address doesn't match the network interface they're arriving on. This has security advantages because it prevents the so-called IP spoofing, however it can pose problems if you use asymmetric routing (packets from you to a host take a different path than packets from that host to you) or if you operate a non-routing host which has several IP addresses on different interfaces. To turn rp_filter off use:

    echo 0 > /proc/sys/net/ipv4/conf/<device>/rp_filter
or
    echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter"

In 2.4 the error is in Documentation/Configure/help. Please fix this too. Thanks.
*** Bug 5016 has been marked as a duplicate of this bug. ***
Can somebody who is familiar with networking in the kernel comment on this? Should I prepare a patch that removes that paragraph?
patch posted to netdev@vger.kernel.org
accepted into davem's netdev tree.
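
The first comment's point, that rp_filter may be off unless a startup script enables it, can be checked on a host by reading the per-device files named in the quoted Kconfig text. This is an added example, not part of the original bug thread; the function name rp_filter_audit and its optional directory argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report the rp_filter setting for every entry under the
# IPv4 conf tree instead of assuming the kernel enabled it.
# The optional argument (hypothetical, for testing) points the function at
# another directory with the same <device>/rp_filter layout.
# Usage: rp_filter_audit            (reads /proc/sys/net/ipv4/conf)
rp_filter_audit() {
    conf_dir="${1:-/proc/sys/net/ipv4/conf}"
    off=0
    for f in "$conf_dir"/*/rp_filter; do
        # Skip when the glob matched nothing or the file is unreadable.
        [ -r "$f" ] || continue
        dev=$(basename "$(dirname "$f")")
        val=$(cat "$f")
        case "$val" in
            0) state="off"; off=$((off + 1)) ;;
            *) state="on (value $val)" ;;
        esac
        printf '%-12s rp_filter=%s  %s\n' "$dev" "$val" "$state"
    done
    # Exit status 0 only when no entry has rp_filter set to 0.
    [ "$off" -eq 0 ]
}
```

The exit status makes the function usable in a startup or compliance check: non-zero means at least one entry still has rp_filter at 0.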