[Openswan Users] Installing OpenSwan for the first time
Gbenga
stjames08 at yahoo.co.uk
Thu Mar 13 10:20:08 EDT 2008
Chrs,
You can also set those parameters permanently via /etc/sysctl.conf by passing either 0 or 1 to the options. Read up on man sysctl. It is very short and to the point.
Rgds,
Gbenga
----------
Absolutely,
This script resides in my /root/bin.
I call it disable_send_accept_redirects
------
#!/bin/bash
# Disable send redirects
echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth1/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/lo/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/ppp0/send_redirects
# Disable accept redirects
echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
echo 0 > /proc/sys/net/ipv4/conf/default/accept_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth0/accept_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth1/accept_redirects
echo 0 > /proc/sys/net/ipv4/conf/lo/accept_redirects
echo 0 > /proc/sys/net/ipv4/conf/ppp0/accept_redirects
-----
I have also added the following line to my /etc/rc.local startup scipt:
/root/bin/disable_send_accept_redirects
So that it is called on startup. I am using FC7 - on your system the startup script location may be different.
As you can see I disable both types of redirects for ALL interface - I am not sure if that is correct or wise but it seems to work for me ; )
I'm new to linux too, welcome to the club.
Regards,
Arjun Datta
__________________________________________________________
Sent from Yahoo! Mail.
The World's Favourite Email http://uk.docs.yahoo.com/nowyoucan.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080313/1ecf3b29/attachment.html
More information about the Users
mailing list