[Openswan Users] Installing OpenSwan for the first time

Gbenga stjames08 at yahoo.co.uk
Thu Mar 13 10:20:08 EDT 2008


You can also set those parameters permanently via /etc/sysctl.conf by passing either 0 or 1 to the options. Read up on man sysctl. It is very short and to the point.




This script resides in my /root/bin.

I call it disable_send_accept_redirects

# Disable send redirects
echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth1/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/lo/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/ppp0/send_redirects

# Disable accept redirects
echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
echo 0 > /proc/sys/net/ipv4/conf/default/accept_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth0/accept_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth1/accept_redirects
echo 0 > /proc/sys/net/ipv4/conf/lo/accept_redirects
echo 0 > /proc/sys/net/ipv4/conf/ppp0/accept_redirects


I have also added the following line to my /etc/rc.local startup scipt:

So that it is called on startup.  I am using FC7 - on your system the startup script location may be different. 

As you can see I disable both types of redirects for ALL interface - I am not sure if that is correct or wise but it seems to work for me ; )

I'm new to linux too, welcome to the club.

Arjun Datta

Sent from Yahoo! Mail.
The World's Favourite Email http://uk.docs.yahoo.com/nowyoucan.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080313/1ecf3b29/attachment.html 

More information about the Users mailing list