On 05/31/2011 09:29 AM, Tom Horsley wrote:
On Tue, 31 May 2011 14:17:44 +0100 Dan Track wrote:
Just for future reference I figured out the problem. You need to run on rp_filter on the interfaces you wish to include in the routing process.
What exactly does that mean, and how do I do it? I've never heard of it before, but it could easily be the reason I haven't been able to get my USB wi-fi dongle working as an access point in f15 while doing all the exact same things I did in f14 (where it works perfectly).
rp_filter (/proc/sys/net/ipv4/conf/*/rp_filter) attempts to avoid src IP spoofing by checking src IP of packet and ensuring that it goes out the way it came - to be a little more specific - if the 'best route' to that src ip is not the same interface the packet came in on, rp_filter will drop the packet.
Usually its fine (correct) to leave rp_filter on - be thoughtful if you're doing something funky with routing tables.
Thats my recollection anyway ... you turn it on/off echo 1/0 into the /proc/sys/xxx
gene/