summaryrefslogtreecommitdiff
path: root/Documentation
diff options
context:
space:
mode:
authorEric Garver <e@erig.me>2016-05-26 19:28:05 +0300
committerDavid S. Miller <davem@davemloft.net>2016-05-30 08:40:53 +0300
commit176b346b37f0b9c03e91eb6f1460e00f3c0c3edf (patch)
tree39a55fd3ad282c635a9d19eb558e73b361f90894 /Documentation
parent68bb399e656f244d3d173a20a8280c167632fca8 (diff)
downloadlinux-176b346b37f0b9c03e91eb6f1460e00f3c0c3edf.tar.xz
Documentation: ip-sysctl.txt: clarify secure_redirects
Clarify how secure_redirects works. Mention that RFC1122 always applies. Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'Documentation')
-rw-r--r--Documentation/networking/ip-sysctl.txt8
1 files changed, 5 insertions, 3 deletions
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt
index 6c7f365b1515..9ae929395b24 100644
--- a/Documentation/networking/ip-sysctl.txt
+++ b/Documentation/networking/ip-sysctl.txt
@@ -1036,15 +1036,17 @@ proxy_arp_pvlan - BOOLEAN
shared_media - BOOLEAN
Send(router) or accept(host) RFC1620 shared media redirects.
- Overrides ip_secure_redirects.
+ Overrides secure_redirects.
shared_media for the interface will be enabled if at least one of
conf/{all,interface}/shared_media is set to TRUE,
it will be disabled otherwise
default TRUE
secure_redirects - BOOLEAN
- Accept ICMP redirect messages only for gateways,
- listed in default gateway list.
+ Accept ICMP redirect messages only to gateways listed in the
+ interface's current gateway list. Even if disabled, RFC1122 redirect
+ rules still apply.
+ Overridden by shared_media.
secure_redirects for the interface will be enabled if at least one of
conf/{all,interface}/secure_redirects is set to TRUE,
it will be disabled otherwise