55831 – Options on /etc/conf.d/iptables not overring the ones in /etc/sysctl.conf

Bug 55831 - Options on /etc/conf.d/iptables not overring the ones in /etc/sysctl.conf

Summary: Options on /etc/conf.d/iptables not overring the ones in /etc/sysctl.conf

Status:	RESOLVED INVALID

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] Unspecified (show other bugs)
Hardware:	x86 Linux

Importance:	High minor (vote)
Assignee:	Daniel Ahlberg (RETIRED)

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2004-07-01 14:49 UTC by Renato Fernandes Cantão
Modified:	2004-07-04 04:31 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Renato Fernandes Cantão 2004-07-01 14:49:21 UTC

On /etc/conf.d/iptables we have the following:

# Change to "yes" to enable forwarding support in the kernel.  Please
# note that this will override any setting placed in /etc/sysctl.conf.
ENABLE_FORWARDING_IPv4="yes"

*but*, forwarding was back *only* when I changed /etc/sysctl.conf to

net.ipv4.ip_forward = 1

That happened after a huge emerge -uvD world, that updated among zillions of things, iptables (now version iptables-1.2.9-r3).

Reproducible: Always
Steps to Reproduce:
1. Set net.ipv4.ip_forward = 0 on /etc/sysctl.conf
2. Set ENABLE_FORWARDING_IPv4="yes" on /etc/conf.d/iptables
3. Restart your firewall (/etc/init.d/firewall restart).

Actual Results:  
Firewall stopped forwarding.

Expected Results:  
Firewall should allow forwarding.

Comment 1 Daniel Ahlberg (RETIRED) gentoo-dev

2004-07-04 04:31:07 UTC

You probably haven't updated /etc/init.d/confd with the new version (run etc-update).  Forwarding was removed in 1.2.9-r1.