29 lines
966 B
Diff
29 lines
966 B
Diff
From 60e4181ca9ac8dbd1acb6baf85b42b0666aa56b7 Mon Sep 17 00:00:00 2001
|
|
From: Eric Garver <eric@garver.life>
|
|
Date: Wed, 19 May 2021 12:52:52 -0400
|
|
Subject: [PATCH 30/30] improvement(conf): note that IPv6_rpfilter has a
|
|
performance penalty
|
|
|
|
(cherry picked from commit cf8e0df944322f1ad283946c64bf7f933c25340d)
|
|
(cherry picked from commit 1a8bb7e5dcee3bcd691219104427daf39ead1f82)
|
|
---
|
|
config/firewalld.conf | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/config/firewalld.conf b/config/firewalld.conf
|
|
index f791b2358ab8..a0556c0bbf5b 100644
|
|
--- a/config/firewalld.conf
|
|
+++ b/config/firewalld.conf
|
|
@@ -23,6 +23,8 @@ Lockdown=no
|
|
# packet would be sent via the same interface that the packet arrived on, the
|
|
# packet will match and be accepted, otherwise dropped.
|
|
# The rp_filter for IPv4 is controlled using sysctl.
|
|
+# Note: This feature has a performance impact. See man page FIREWALLD.CONF(5)
|
|
+# for details.
|
|
# Default: yes
|
|
IPv6_rpfilter=yes
|
|
|
|
--
|
|
2.27.0
|
|
|