From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20040808 Firefox/0.9.3 Description of problem: Fedora's default /etc/sysctl.conf disallows ip forwarding by default, and it turns on the rp_filter sanity checks. That's nice. However, I believe that sysctl.conf should also contain a line like this: net.ipv4.conf.default.accept_source_route = 0 I've looked over various articles about source routed packets, and they all suggest that an operating system should normally be configured to drop them (openbsd and recent Solaris versions drops them by default, I've heard - while Linux and Windows don't drop such packets). Except for certain debugging purposes, handling of source routed packets seem to be relevant only in some large router-installations, it seems. Source routed packets are bad because they can be used for IP spoofing. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: Check out /etc/sysctl.conf in any recent version of the initscript package, and check out the value of /proc/sys/net/ipv4/conf/default/accept_source_route on a fresh Fedora installation (don't know about pre-RH62 installations). Additional info:
Bug report was for FC2. Seems fixed in FC3, thanks.