[root@localhost ipv4]# uname -a Linux localhost.localdomain 2.6.23.9-85.fc8 #1 SMP Fri Dec 7 14:52:29 EST 2007 i686 i686 i386 GNU/Linux [root@bert ipv4]# cd /proc/sys/net/ipv4 [root@bert ipv4]# cat ip_forward 1 [root@bert ipv4]# cat /etc/sysctl.conf | grep ip_forward net.ipv4.ip_forward = 0 [root@bert ipv4]# sysctl -p net.ipv4.ip_forward = 0 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.default.accept_source_route = 0 kernel.sysrq = 0 kernel.core_uses_pid = 1 net.ipv4.tcp_syncookies = 1 [root@bert ipv4]# init 6 And after the boot: [root@localhost ~]# cd /proc/sys/net/ipv4 [root@localhost ipv4]# cat ip_forward 1 This happened both for a system with one eth card and with two cards.
Hi, are you sure, that you don't run any script that does this? Jirka
You can try to reboot the machine and login via console (don't use graphical interface) so you'll avoid any gui/automagic network setting and then check the value of ip_forward. Jirka
Hi Jirka, did so, no change... Modified inittab, shutdown, booted up, no more commands, just these below, first locally on console, later via SSH for cutting/pasting. [root@thuis ~]# who -r run-level 3 2008-01-04 16:44 last=S [root@thuis ~]# cat /etc/sysctl.conf | grep forward # Controls IP packet forwarding net.ipv4.ip_forward = 0 [root@thuis ~]# cat /proc/sys/net/ipv4/ip_forward 1 Bert
You can try to find every place, where ip_forward is mentioned, smth like: $ grep -R "ip_forward" / but be carefull this command will take a while to complete, so I wouldn't recommend it on some important server... Jirka
Had it run for 80 mins. Don't see the entries in /proc and /etc: [root@thuis ~]# mount /dev/sda6 on / type ext3 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) /dev/sda2 on /boot type ext3 (rw) tmpfs on /dev/shm type tmpfs (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) [root@thuis ~]# grep -R "ip_forward" / --exclude=/tmp Binary file /var/cache/yum/fedora/filelists.sqlite matches grep: /var/lib/xend/xend-socket: No such device or address grep: /var/lib/xend/relocation-socket: No such device or address Binary file /var/lib/rpm/Packages matches grep: /var/run/libvirt/libvirt-sock: No such device or address grep: /var/run/libvirt/libvirt-sock-ro: No such device or address grep: /var/run/dbus/system_bus_socket: No such device or address grep: /var/run/pcscd.comm: No such device or address grep: /var/run/acpid.socket: No such device or address grep: /var/run/avahi-daemon/socket: No such device or address grep: /var/run/rpcbind.sock: No such device or address grep: /var/run/audispd_events: No such device or address
Was messing around on another machine and restarted the network. There I saw IP forwarding being switched off whilst restarting. Repeated this on the little machine I am using for this. Watch the "Disabling IPv4 packet forwarding: net.ipv4.ip_forward = 0": [root@thuis ~]# cat /etc/sysctl.conf | grep ip_ net.ipv4.ip_forward = 0 *****What things should be [root@thuis ~]# cat /proc/sys/net/ipv4/ip_forward 1 *****What things are [root@thuis ~]# service network restart Shutting down interface eth0: [ OK ] Shutting down loopback interface: [ OK ] Disabling IPv4 packet forwarding: net.ipv4.ip_forward = 0 [ OK ] Bringing up loopback interface: [ OK ] Bringing up interface eth0: Determining IP information for eth0... done. [ OK ] [root@thuis ~]# cat /proc/sys/net/ipv4/ip_forward 0 *****Look at that!! Hope this helps narrowing down?
You probably installed some aditional software, because ip_forward is set to 0 by default (just tested it on the fresh install of F8). The only files used to set this on startup are /etc/sysctl.conf and /etc/rc.local otherwise you have some script/software that does this. I would guess it's somewhere in /etc directory.. So try to grep the /etc dir.
Only "extra" thing I did was default Fedora iSCSI initiator. Disabled that via chkconf; no change. Had the grep running for an hour: [root@thuis ~]# grep -ri "ip_forward" /etc /etc/rc1.d/K76openvpn: #echo 1 > /proc/sys/net/ipv4/ip_forward /etc/rc1.d/K90network: if [ -f /proc/sys/net/ipv4/ip_forward ]; then /etc/rc1.d/K90network: if [ `cat /proc/sys/net/ipv4/ip_forward` != 0 ]; then /etc/rc1.d/K90network: action $"Disabling IPv4 packet forwarding: " sysctl -w net.ipv4.ip_forward=0 /etc/rc5.d/S10network: if [ -f /proc/sys/net/ipv4/ip_forward ]; then /etc/rc5.d/S10network: if [ `cat /proc/sys/net/ipv4/ip_forward` != 0 ]; then /etc/rc5.d/S10network: action $"Disabling IPv4 packet forwarding: " sysctl -w net.ipv4.ip_forward=0 /etc/rc5.d/K76openvpn: #echo 1 > /proc/sys/net/ipv4/ip_forward /etc/rc4.d/S10network: if [ -f /proc/sys/net/ipv4/ip_forward ]; then /etc/rc4.d/S10network: if [ `cat /proc/sys/net/ipv4/ip_forward` != 0 ]; then /etc/rc4.d/S10network: action $"Disabling IPv4 packet forwarding: " sysctl -w net.ipv4.ip_forward=0 /etc/rc4.d/K76openvpn: #echo 1 > /proc/sys/net/ipv4/ip_forward grep: /etc/httpd/run/libvirt/libvirt-sock: No such device or address grep: /etc/httpd/run/libvirt/libvirt-sock-ro: No such device or address grep: /etc/httpd/run/dbus/system_bus_socket: No such device or address grep: /etc/httpd/run/pcscd.comm: No such device or address grep: /etc/httpd/run/acpid.socket: No such device or address grep: /etc/httpd/run/avahi-daemon/socket: No such device or address grep: /etc/httpd/run/rpcbind.sock: No such device or address grep: /etc/httpd/run/audispd_events: No such device or address
You're right, I tried it on another machine with default settings and it's set to 1, so now I'm reinstalling my testing machine :) Did you use default settings? J.
This message is a reminder that Fedora 8 is nearing its end of life. Approximately 30 (thirty) days from now Fedora will stop maintaining and issuing updates for Fedora 8. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '8'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 8's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 8 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora please change the 'version' of this bug to the applicable version. If you are unable to change the version, please add a comment here and someone will do it for you. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Fedora 8 changed to end-of-life (EOL) status on 2009-01-07. Fedora 8 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. Thank you for reporting this bug and we are sorry it could not be fixed.