Why is my `net.ipv4.ip_forward = 1`?
Clash Royale CLAN TAG#URR8PPP
up vote
3
down vote
favorite
I just discovered accidentally that cat /proc/sys/net/ipv4/ip_forward
returns 1. I can't remember having enabled net.ipv4.ip_forward
anytime ago, but since my system runs for several years now, I can't exclude that either.
I don't expect my 4.14.3-1-ARCH
having net.ipv4.ip_forward = 1
by default, so in what place could this be enabled? I know about /etc/sysctl.d
, but none of the files in there specifies IP forwarding. It is persistent across reboots, though, so where could it have been enabled? Thanks!
Edit: My Interfaces are:
$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: wlp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DORMANT group default qlen 1000
link/ether a4:34:d9:a2:33:7f brd ff:ff:ff:ff:ff:ff
3: enp0s31f6: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN mode DEFAULT group default qlen 1000
link/ether 54:ee:75:8e:ef:37 brd ff:ff:ff:ff:ff:ff
4: pan1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/ether 2e:02:14:5b:d8:21 brd ff:ff:ff:ff:ff:ff
Edit 2: Contents of my filter
-iptable:
# iptables -t filter -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Edit 3: I stumbled upon a connection called pan1
in NetworkManager, which is always connected and probably corresponds to the network interface pan1
. Interestingly, it is in bridge
-mode. Unfortunately, I can't imagine having created this connection by hand, and I can't find where it comes from (grep -rn "pan1" /etc/NetworkManager/system-connections/
gives no output). My first suspect, removing all paired bluetooth devices, brought no avail. Here's the connection's contents:
$ nmcli connection show pan1
connection.id: pan1
connection.uuid: fc8c690c-3874-48df-8ccb-98a0fc698604
connection.stable-id: --
connection.type: bridge
connection.interface-name: pan1
connection.autoconnect: no
connection.autoconnect-priority: 0
connection.autoconnect-retries: -1 (default)
connection.auth-retries: -1
connection.timestamp: 1512614672
connection.read-only: no
connection.permissions: --
connection.zone: --
connection.master: --
connection.slave-type: --
connection.autoconnect-slaves: -1 (default)
connection.secondaries: --
connection.gateway-ping-timeout: 0
connection.metered: unknown
connection.lldp: default
ipv4.method: manual
ipv4.dns: --
ipv4.dns-search: --
ipv4.dns-options: ""
ipv4.dns-priority: 100
ipv4.addresses: 10.228.230.1/24
ipv4.gateway: --
ipv4.routes: --
ipv4.route-metric: -1
ipv4.route-table: 0 (unspec)
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-client-id: --
ipv4.dhcp-timeout: 0 (default)
ipv4.dhcp-send-hostname: yes
ipv4.dhcp-hostname: --
ipv4.dhcp-fqdn: --
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.dad-timeout: -1 (default)
ipv6.method: ignore
ipv6.dns: --
ipv6.dns-search: --
ipv6.dns-options: ""
ipv6.dns-priority: 100
ipv6.addresses: --
ipv6.gateway: --
ipv6.routes: --
ipv6.route-metric: -1
ipv6.route-table: 0 (unspec)
ipv6.ignore-auto-routes: no
ipv6.ignore-auto-dns: no
ipv6.never-default: no
ipv6.may-fail: yes
ipv6.ip6-privacy: -1 (unknown)
ipv6.addr-gen-mode: stable-privacy
ipv6.dhcp-send-hostname: yes
ipv6.dhcp-hostname: --
ipv6.token: --
bridge.mac-address: --
bridge.stp: no
bridge.priority: 32768
bridge.forward-delay: 0
bridge.hello-time: 1
bridge.max-age: 19
bridge.ageing-time: 299
bridge.group-forward-mask: 0
bridge.multicast-snooping: yes
proxy.method: none
proxy.browser-only: no
proxy.pac-url: --
proxy.pac-script: --
GENERAL.NAME: pan1
GENERAL.UUID: fc8c690c-3874-48df-8ccb-98a0fc698604
GENERAL.DEVICES: pan1
GENERAL.STATE: activated
GENERAL.DEFAULT: no
GENERAL.DEFAULT6: no
GENERAL.SPEC-OBJECT: --
GENERAL.VPN: no
GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/2
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/62
GENERAL.ZONE: --
GENERAL.MASTER-PATH: --
IP4.ADDRESS[1]: 10.228.230.1/24
IP4.GATEWAY: --
IP4.ROUTE[1]: dst = 10.228.230.0/24, nh = 0.0.0.0, mt = 0
IP6.GATEWAY: --
networking sysctl
 |Â
show 3 more comments
up vote
3
down vote
favorite
I just discovered accidentally that cat /proc/sys/net/ipv4/ip_forward
returns 1. I can't remember having enabled net.ipv4.ip_forward
anytime ago, but since my system runs for several years now, I can't exclude that either.
I don't expect my 4.14.3-1-ARCH
having net.ipv4.ip_forward = 1
by default, so in what place could this be enabled? I know about /etc/sysctl.d
, but none of the files in there specifies IP forwarding. It is persistent across reboots, though, so where could it have been enabled? Thanks!
Edit: My Interfaces are:
$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: wlp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DORMANT group default qlen 1000
link/ether a4:34:d9:a2:33:7f brd ff:ff:ff:ff:ff:ff
3: enp0s31f6: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN mode DEFAULT group default qlen 1000
link/ether 54:ee:75:8e:ef:37 brd ff:ff:ff:ff:ff:ff
4: pan1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/ether 2e:02:14:5b:d8:21 brd ff:ff:ff:ff:ff:ff
Edit 2: Contents of my filter
-iptable:
# iptables -t filter -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Edit 3: I stumbled upon a connection called pan1
in NetworkManager, which is always connected and probably corresponds to the network interface pan1
. Interestingly, it is in bridge
-mode. Unfortunately, I can't imagine having created this connection by hand, and I can't find where it comes from (grep -rn "pan1" /etc/NetworkManager/system-connections/
gives no output). My first suspect, removing all paired bluetooth devices, brought no avail. Here's the connection's contents:
$ nmcli connection show pan1
connection.id: pan1
connection.uuid: fc8c690c-3874-48df-8ccb-98a0fc698604
connection.stable-id: --
connection.type: bridge
connection.interface-name: pan1
connection.autoconnect: no
connection.autoconnect-priority: 0
connection.autoconnect-retries: -1 (default)
connection.auth-retries: -1
connection.timestamp: 1512614672
connection.read-only: no
connection.permissions: --
connection.zone: --
connection.master: --
connection.slave-type: --
connection.autoconnect-slaves: -1 (default)
connection.secondaries: --
connection.gateway-ping-timeout: 0
connection.metered: unknown
connection.lldp: default
ipv4.method: manual
ipv4.dns: --
ipv4.dns-search: --
ipv4.dns-options: ""
ipv4.dns-priority: 100
ipv4.addresses: 10.228.230.1/24
ipv4.gateway: --
ipv4.routes: --
ipv4.route-metric: -1
ipv4.route-table: 0 (unspec)
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-client-id: --
ipv4.dhcp-timeout: 0 (default)
ipv4.dhcp-send-hostname: yes
ipv4.dhcp-hostname: --
ipv4.dhcp-fqdn: --
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.dad-timeout: -1 (default)
ipv6.method: ignore
ipv6.dns: --
ipv6.dns-search: --
ipv6.dns-options: ""
ipv6.dns-priority: 100
ipv6.addresses: --
ipv6.gateway: --
ipv6.routes: --
ipv6.route-metric: -1
ipv6.route-table: 0 (unspec)
ipv6.ignore-auto-routes: no
ipv6.ignore-auto-dns: no
ipv6.never-default: no
ipv6.may-fail: yes
ipv6.ip6-privacy: -1 (unknown)
ipv6.addr-gen-mode: stable-privacy
ipv6.dhcp-send-hostname: yes
ipv6.dhcp-hostname: --
ipv6.token: --
bridge.mac-address: --
bridge.stp: no
bridge.priority: 32768
bridge.forward-delay: 0
bridge.hello-time: 1
bridge.max-age: 19
bridge.ageing-time: 299
bridge.group-forward-mask: 0
bridge.multicast-snooping: yes
proxy.method: none
proxy.browser-only: no
proxy.pac-url: --
proxy.pac-script: --
GENERAL.NAME: pan1
GENERAL.UUID: fc8c690c-3874-48df-8ccb-98a0fc698604
GENERAL.DEVICES: pan1
GENERAL.STATE: activated
GENERAL.DEFAULT: no
GENERAL.DEFAULT6: no
GENERAL.SPEC-OBJECT: --
GENERAL.VPN: no
GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/2
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/62
GENERAL.ZONE: --
GENERAL.MASTER-PATH: --
IP4.ADDRESS[1]: 10.228.230.1/24
IP4.GATEWAY: --
IP4.ROUTE[1]: dst = 10.228.230.0/24, nh = 0.0.0.0, mt = 0
IP6.GATEWAY: --
networking sysctl
Does this help:grep -rn net.ipv4.ip_forward /etc/*
â RubberStamp
Dec 6 '17 at 16:56
3
What kind of local networking interfaces and features do you have? NATs ? Bridges? etc.
â Patrick Mevzek
Dec 6 '17 at 17:00
@RubberStamp: Good idea, should have come to that myself. Unfortunately, it results in no output, so none of the files in /etc/ specifynet.ipv4.ip_forward = 1
. @patrick-mevzek I've added my interfaces to my above post.
â LukeLR
Dec 6 '17 at 17:11
1
Do you have anything installed that could want to route packets like a virtualisation solution (vms or containers)? A fancy firewall management interface? hotspot to share your mobile 4g of wifi?
â Stéphane Chazelas
Dec 6 '17 at 17:38
Are there any entry in the FORWARD chains of thefilter
iptables table? If any their names could give an indication as to what enabled forwarding.
â Stéphane Chazelas
Dec 6 '17 at 17:39
 |Â
show 3 more comments
up vote
3
down vote
favorite
up vote
3
down vote
favorite
I just discovered accidentally that cat /proc/sys/net/ipv4/ip_forward
returns 1. I can't remember having enabled net.ipv4.ip_forward
anytime ago, but since my system runs for several years now, I can't exclude that either.
I don't expect my 4.14.3-1-ARCH
having net.ipv4.ip_forward = 1
by default, so in what place could this be enabled? I know about /etc/sysctl.d
, but none of the files in there specifies IP forwarding. It is persistent across reboots, though, so where could it have been enabled? Thanks!
Edit: My Interfaces are:
$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: wlp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DORMANT group default qlen 1000
link/ether a4:34:d9:a2:33:7f brd ff:ff:ff:ff:ff:ff
3: enp0s31f6: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN mode DEFAULT group default qlen 1000
link/ether 54:ee:75:8e:ef:37 brd ff:ff:ff:ff:ff:ff
4: pan1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/ether 2e:02:14:5b:d8:21 brd ff:ff:ff:ff:ff:ff
Edit 2: Contents of my filter
-iptable:
# iptables -t filter -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Edit 3: I stumbled upon a connection called pan1
in NetworkManager, which is always connected and probably corresponds to the network interface pan1
. Interestingly, it is in bridge
-mode. Unfortunately, I can't imagine having created this connection by hand, and I can't find where it comes from (grep -rn "pan1" /etc/NetworkManager/system-connections/
gives no output). My first suspect, removing all paired bluetooth devices, brought no avail. Here's the connection's contents:
$ nmcli connection show pan1
connection.id: pan1
connection.uuid: fc8c690c-3874-48df-8ccb-98a0fc698604
connection.stable-id: --
connection.type: bridge
connection.interface-name: pan1
connection.autoconnect: no
connection.autoconnect-priority: 0
connection.autoconnect-retries: -1 (default)
connection.auth-retries: -1
connection.timestamp: 1512614672
connection.read-only: no
connection.permissions: --
connection.zone: --
connection.master: --
connection.slave-type: --
connection.autoconnect-slaves: -1 (default)
connection.secondaries: --
connection.gateway-ping-timeout: 0
connection.metered: unknown
connection.lldp: default
ipv4.method: manual
ipv4.dns: --
ipv4.dns-search: --
ipv4.dns-options: ""
ipv4.dns-priority: 100
ipv4.addresses: 10.228.230.1/24
ipv4.gateway: --
ipv4.routes: --
ipv4.route-metric: -1
ipv4.route-table: 0 (unspec)
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-client-id: --
ipv4.dhcp-timeout: 0 (default)
ipv4.dhcp-send-hostname: yes
ipv4.dhcp-hostname: --
ipv4.dhcp-fqdn: --
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.dad-timeout: -1 (default)
ipv6.method: ignore
ipv6.dns: --
ipv6.dns-search: --
ipv6.dns-options: ""
ipv6.dns-priority: 100
ipv6.addresses: --
ipv6.gateway: --
ipv6.routes: --
ipv6.route-metric: -1
ipv6.route-table: 0 (unspec)
ipv6.ignore-auto-routes: no
ipv6.ignore-auto-dns: no
ipv6.never-default: no
ipv6.may-fail: yes
ipv6.ip6-privacy: -1 (unknown)
ipv6.addr-gen-mode: stable-privacy
ipv6.dhcp-send-hostname: yes
ipv6.dhcp-hostname: --
ipv6.token: --
bridge.mac-address: --
bridge.stp: no
bridge.priority: 32768
bridge.forward-delay: 0
bridge.hello-time: 1
bridge.max-age: 19
bridge.ageing-time: 299
bridge.group-forward-mask: 0
bridge.multicast-snooping: yes
proxy.method: none
proxy.browser-only: no
proxy.pac-url: --
proxy.pac-script: --
GENERAL.NAME: pan1
GENERAL.UUID: fc8c690c-3874-48df-8ccb-98a0fc698604
GENERAL.DEVICES: pan1
GENERAL.STATE: activated
GENERAL.DEFAULT: no
GENERAL.DEFAULT6: no
GENERAL.SPEC-OBJECT: --
GENERAL.VPN: no
GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/2
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/62
GENERAL.ZONE: --
GENERAL.MASTER-PATH: --
IP4.ADDRESS[1]: 10.228.230.1/24
IP4.GATEWAY: --
IP4.ROUTE[1]: dst = 10.228.230.0/24, nh = 0.0.0.0, mt = 0
IP6.GATEWAY: --
networking sysctl
I just discovered accidentally that cat /proc/sys/net/ipv4/ip_forward
returns 1. I can't remember having enabled net.ipv4.ip_forward
anytime ago, but since my system runs for several years now, I can't exclude that either.
I don't expect my 4.14.3-1-ARCH
having net.ipv4.ip_forward = 1
by default, so in what place could this be enabled? I know about /etc/sysctl.d
, but none of the files in there specifies IP forwarding. It is persistent across reboots, though, so where could it have been enabled? Thanks!
Edit: My Interfaces are:
$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: wlp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DORMANT group default qlen 1000
link/ether a4:34:d9:a2:33:7f brd ff:ff:ff:ff:ff:ff
3: enp0s31f6: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN mode DEFAULT group default qlen 1000
link/ether 54:ee:75:8e:ef:37 brd ff:ff:ff:ff:ff:ff
4: pan1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/ether 2e:02:14:5b:d8:21 brd ff:ff:ff:ff:ff:ff
Edit 2: Contents of my filter
-iptable:
# iptables -t filter -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Edit 3: I stumbled upon a connection called pan1
in NetworkManager, which is always connected and probably corresponds to the network interface pan1
. Interestingly, it is in bridge
-mode. Unfortunately, I can't imagine having created this connection by hand, and I can't find where it comes from (grep -rn "pan1" /etc/NetworkManager/system-connections/
gives no output). My first suspect, removing all paired bluetooth devices, brought no avail. Here's the connection's contents:
$ nmcli connection show pan1
connection.id: pan1
connection.uuid: fc8c690c-3874-48df-8ccb-98a0fc698604
connection.stable-id: --
connection.type: bridge
connection.interface-name: pan1
connection.autoconnect: no
connection.autoconnect-priority: 0
connection.autoconnect-retries: -1 (default)
connection.auth-retries: -1
connection.timestamp: 1512614672
connection.read-only: no
connection.permissions: --
connection.zone: --
connection.master: --
connection.slave-type: --
connection.autoconnect-slaves: -1 (default)
connection.secondaries: --
connection.gateway-ping-timeout: 0
connection.metered: unknown
connection.lldp: default
ipv4.method: manual
ipv4.dns: --
ipv4.dns-search: --
ipv4.dns-options: ""
ipv4.dns-priority: 100
ipv4.addresses: 10.228.230.1/24
ipv4.gateway: --
ipv4.routes: --
ipv4.route-metric: -1
ipv4.route-table: 0 (unspec)
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-client-id: --
ipv4.dhcp-timeout: 0 (default)
ipv4.dhcp-send-hostname: yes
ipv4.dhcp-hostname: --
ipv4.dhcp-fqdn: --
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.dad-timeout: -1 (default)
ipv6.method: ignore
ipv6.dns: --
ipv6.dns-search: --
ipv6.dns-options: ""
ipv6.dns-priority: 100
ipv6.addresses: --
ipv6.gateway: --
ipv6.routes: --
ipv6.route-metric: -1
ipv6.route-table: 0 (unspec)
ipv6.ignore-auto-routes: no
ipv6.ignore-auto-dns: no
ipv6.never-default: no
ipv6.may-fail: yes
ipv6.ip6-privacy: -1 (unknown)
ipv6.addr-gen-mode: stable-privacy
ipv6.dhcp-send-hostname: yes
ipv6.dhcp-hostname: --
ipv6.token: --
bridge.mac-address: --
bridge.stp: no
bridge.priority: 32768
bridge.forward-delay: 0
bridge.hello-time: 1
bridge.max-age: 19
bridge.ageing-time: 299
bridge.group-forward-mask: 0
bridge.multicast-snooping: yes
proxy.method: none
proxy.browser-only: no
proxy.pac-url: --
proxy.pac-script: --
GENERAL.NAME: pan1
GENERAL.UUID: fc8c690c-3874-48df-8ccb-98a0fc698604
GENERAL.DEVICES: pan1
GENERAL.STATE: activated
GENERAL.DEFAULT: no
GENERAL.DEFAULT6: no
GENERAL.SPEC-OBJECT: --
GENERAL.VPN: no
GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/2
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/62
GENERAL.ZONE: --
GENERAL.MASTER-PATH: --
IP4.ADDRESS[1]: 10.228.230.1/24
IP4.GATEWAY: --
IP4.ROUTE[1]: dst = 10.228.230.0/24, nh = 0.0.0.0, mt = 0
IP6.GATEWAY: --
networking sysctl
edited Dec 7 '17 at 2:48
asked Dec 6 '17 at 16:48
LukeLR
1305
1305
Does this help:grep -rn net.ipv4.ip_forward /etc/*
â RubberStamp
Dec 6 '17 at 16:56
3
What kind of local networking interfaces and features do you have? NATs ? Bridges? etc.
â Patrick Mevzek
Dec 6 '17 at 17:00
@RubberStamp: Good idea, should have come to that myself. Unfortunately, it results in no output, so none of the files in /etc/ specifynet.ipv4.ip_forward = 1
. @patrick-mevzek I've added my interfaces to my above post.
â LukeLR
Dec 6 '17 at 17:11
1
Do you have anything installed that could want to route packets like a virtualisation solution (vms or containers)? A fancy firewall management interface? hotspot to share your mobile 4g of wifi?
â Stéphane Chazelas
Dec 6 '17 at 17:38
Are there any entry in the FORWARD chains of thefilter
iptables table? If any their names could give an indication as to what enabled forwarding.
â Stéphane Chazelas
Dec 6 '17 at 17:39
 |Â
show 3 more comments
Does this help:grep -rn net.ipv4.ip_forward /etc/*
â RubberStamp
Dec 6 '17 at 16:56
3
What kind of local networking interfaces and features do you have? NATs ? Bridges? etc.
â Patrick Mevzek
Dec 6 '17 at 17:00
@RubberStamp: Good idea, should have come to that myself. Unfortunately, it results in no output, so none of the files in /etc/ specifynet.ipv4.ip_forward = 1
. @patrick-mevzek I've added my interfaces to my above post.
â LukeLR
Dec 6 '17 at 17:11
1
Do you have anything installed that could want to route packets like a virtualisation solution (vms or containers)? A fancy firewall management interface? hotspot to share your mobile 4g of wifi?
â Stéphane Chazelas
Dec 6 '17 at 17:38
Are there any entry in the FORWARD chains of thefilter
iptables table? If any their names could give an indication as to what enabled forwarding.
â Stéphane Chazelas
Dec 6 '17 at 17:39
Does this help:
grep -rn net.ipv4.ip_forward /etc/*
â RubberStamp
Dec 6 '17 at 16:56
Does this help:
grep -rn net.ipv4.ip_forward /etc/*
â RubberStamp
Dec 6 '17 at 16:56
3
3
What kind of local networking interfaces and features do you have? NATs ? Bridges? etc.
â Patrick Mevzek
Dec 6 '17 at 17:00
What kind of local networking interfaces and features do you have? NATs ? Bridges? etc.
â Patrick Mevzek
Dec 6 '17 at 17:00
@RubberStamp: Good idea, should have come to that myself. Unfortunately, it results in no output, so none of the files in /etc/ specify
net.ipv4.ip_forward = 1
. @patrick-mevzek I've added my interfaces to my above post.â LukeLR
Dec 6 '17 at 17:11
@RubberStamp: Good idea, should have come to that myself. Unfortunately, it results in no output, so none of the files in /etc/ specify
net.ipv4.ip_forward = 1
. @patrick-mevzek I've added my interfaces to my above post.â LukeLR
Dec 6 '17 at 17:11
1
1
Do you have anything installed that could want to route packets like a virtualisation solution (vms or containers)? A fancy firewall management interface? hotspot to share your mobile 4g of wifi?
â Stéphane Chazelas
Dec 6 '17 at 17:38
Do you have anything installed that could want to route packets like a virtualisation solution (vms or containers)? A fancy firewall management interface? hotspot to share your mobile 4g of wifi?
â Stéphane Chazelas
Dec 6 '17 at 17:38
Are there any entry in the FORWARD chains of the
filter
iptables table? If any their names could give an indication as to what enabled forwarding.â Stéphane Chazelas
Dec 6 '17 at 17:39
Are there any entry in the FORWARD chains of the
filter
iptables table? If any their names could give an indication as to what enabled forwarding.â Stéphane Chazelas
Dec 6 '17 at 17:39
 |Â
show 3 more comments
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f409254%2fwhy-is-my-net-ipv4-ip-forward-1%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Does this help:
grep -rn net.ipv4.ip_forward /etc/*
â RubberStamp
Dec 6 '17 at 16:56
3
What kind of local networking interfaces and features do you have? NATs ? Bridges? etc.
â Patrick Mevzek
Dec 6 '17 at 17:00
@RubberStamp: Good idea, should have come to that myself. Unfortunately, it results in no output, so none of the files in /etc/ specify
net.ipv4.ip_forward = 1
. @patrick-mevzek I've added my interfaces to my above post.â LukeLR
Dec 6 '17 at 17:11
1
Do you have anything installed that could want to route packets like a virtualisation solution (vms or containers)? A fancy firewall management interface? hotspot to share your mobile 4g of wifi?
â Stéphane Chazelas
Dec 6 '17 at 17:38
Are there any entry in the FORWARD chains of the
filter
iptables table? If any their names could give an indication as to what enabled forwarding.â Stéphane Chazelas
Dec 6 '17 at 17:39