author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2017-07-21 05:07:10 -0400 |
---|---|---|
committer | Dee'Kej <deekej@linuxmail.org> | 2017-07-27 15:45:50 +0200 |
commit | 13d638c0a7df4a998429163b9a0189dcffa2393a (patch) | |
tree | cbf090fc619257d100d964af82b1e95e85e1e110 /sysctl.conf | |
parent | cb1e9cea1c74aa0f29038449a4c557a9a3ce5d89 (diff) | |
Drop sysctl.d/00-system.conf
This file now only contains lines to disable netfilter on bridges.
In kernel 3.18 this filtering functionality was made non-default by
moving it to br_netfilter [https://bugzilla.redhat.com/show_bug.cgi?id=512206].
Anybody who actually wants to use br_netfilter has to load it explicitly
anyway, so disabling it through sysctl isn't necessary anymore.
The reason for removal is that by default (i.e. when br_netfilter is
not loaded), we get a warning on every boot:
systemd-sysctl[210]: Couldn't write '0' to 'net/bridge/bridge-nf-call-ip6tables', ignoring: No such file or directory
systemd-sysctl[210]: Couldn't write '0' to 'net/bridge/bridge-nf-call-iptables', ignoring: No such file or directory
systemd-sysctl[210]: Couldn't write '0' to 'net/bridge/bridge-nf-call-arptables', ignoring: No such file or directory
This is confusing for users and inelegant.
The downside of removing this file is that people who load br_netfilter
for some reason *and* do not want to use it will have to take an
additional step now (either restore the sysctl settings or remove br_netfilter
from /etc/modules-load.d or wherever). I expect the number of people affected
to be very small.
(Note that the file was overwritten on sparc and s390, so those
architectures see no change.)
Diffstat (limited to 'sysctl.conf')
-rw-r--r-- | sysctl.conf | 9 |
1 files changed, 0 insertions, 9 deletions
diff --git a/sysctl.conf b/sysctl.conf deleted file mode 100644 index f8484efa..00000000 --- a/sysctl.conf +++ /dev/null @@ -1,9 +0,0 @@ -# Kernel sysctl configuration file -# -# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and -# sysctl.conf(5) for more details. - -# Disable netfilter on bridges. -net.bridge.bridge-nf-call-ip6tables = 0 -net.bridge.bridge-nf-call-iptables = 0 -net.bridge.bridge-nf-call-arptables = 0 |
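Review bot: The three removed `net.bridge.bridge-nf-call-* = 0` lines are a behaviour change for any host that loads br_netfilter, and the patch carries no migration note for it. The commit message says those users must restore the settings or stop loading the module, but that guidance lives only in the log; a release note or a short documentation entry naming the three keys would let an administrator find it when bridged traffic starts being evaluated by ip6tables, iptables and arptables rules. The note should also say that restoring the keys through a sysctl.d fragment only takes effect if br_netfilter is already loaded when systemd-sysctl runs, since the warnings quoted in the message show the write being ignored when net/bridge/ does not exist. Separately, the subject names sysctl.d/00-system.conf while this view is limited to sysctl.conf, so it is worth confirming that the install rule which places the file under sysctl.d is removed in the same commit.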