Configure /proc

Enable packet forwarding

if [ -e /proc/sys/net/ipv4/ip_forward ]; then
    echo "1" > /proc/sys/net/ipv4/ip_forward
    echo -n "."
else
    echo "*** /proc/sys/net/ipv4/ip_forward does not exist!"
    echo "*** This is very bad (firewall probably won't work)!"
fi

Enable ARP proxy (be careful with this! )

echo "0" > /proc/sys/net/ipv4/conf/all/proxy_arp 
echo "1" > /proc/sys/net/ipv4/conf/eth0/proxy_arp
echo "1" > /proc/sys/net/ipv4/conf/eth1/proxy_arp

If some entries in /proc are missing, kernel is not configured to support this feature.

http://www.linuxdoc.org/HOWTO/Adv-Routing-HOWTO.html
http://www.linuxdoc.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/gen-syssecured.html

back

Advanced Firewalls and Routing using Linux