Documentation: ip-sysctl.txt: clarify secure_redirects
Clarify how secure_redirects works. Mention that RFC1122 always applies. Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
68bb399e65
commit
176b346b37
|
@ -1036,15 +1036,17 @@ proxy_arp_pvlan - BOOLEAN
|
|||
|
||||
shared_media - BOOLEAN
|
||||
Send(router) or accept(host) RFC1620 shared media redirects.
|
||||
Overrides ip_secure_redirects.
|
||||
Overrides secure_redirects.
|
||||
shared_media for the interface will be enabled if at least one of
|
||||
conf/{all,interface}/shared_media is set to TRUE,
|
||||
it will be disabled otherwise
|
||||
default TRUE
|
||||
|
||||
secure_redirects - BOOLEAN
|
||||
Accept ICMP redirect messages only for gateways,
|
||||
listed in default gateway list.
|
||||
Accept ICMP redirect messages only to gateways listed in the
|
||||
interface's current gateway list. Even if disabled, RFC1122 redirect
|
||||
rules still apply.
|
||||
Overridden by shared_media.
|
||||
secure_redirects for the interface will be enabled if at least one of
|
||||
conf/{all,interface}/secure_redirects is set to TRUE,
|
||||
it will be disabled otherwise
|
||||
|
|
Loading…
Reference in New Issue