diff options
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | initscripts.spec | 5 | ||||
-rw-r--r-- | sysctl.conf | 3 | ||||
-rw-r--r-- | sysctl.conf.s390 | 3 | ||||
-rw-r--r-- | sysctl.conf.sparc | 3 |
5 files changed, 19 insertions, 1 deletions
@@ -1,3 +1,9 @@ +2004-10-07 Florian La Roche <laroche@redhat.com> + + * ChangeLog, initscripts.spec: 7.89-1 + + * sysctl.conf*: disallow source routed packets per default + 2004-10-06 Bill Nottingham <notting@redhat.com> * ChangeLog, initscripts.spec: 7.88-1 diff --git a/initscripts.spec b/initscripts.spec index 867d0f4c..139e8446 100644 --- a/initscripts.spec +++ b/initscripts.spec @@ -1,6 +1,6 @@ Summary: The inittab file and the /etc/init.d scripts. Name: initscripts -Version: 7.88 +Version: 7.89 License: GPL Group: System Environment/Base Release: 1 @@ -207,6 +207,9 @@ rm -rf $RPM_BUILD_ROOT %ghost %attr(0664,root,utmp) /var/run/utmp %changelog +* Thu Oct 07 2004 Florian La Roche <Florian.LaRoche@redhat.de> +- change /etc/sysctl.conf to not allow source routed packets per default + * Fri Oct 6 2004 Bill Nottingham <notting@redhat.com> - 7.88-1 - fix requires diff --git a/sysctl.conf b/sysctl.conf index 044bf27a..db98922f 100644 --- a/sysctl.conf +++ b/sysctl.conf @@ -9,6 +9,9 @@ net.ipv4.ip_forward = 0 # Controls source route verification net.ipv4.conf.default.rp_filter = 1 +# Do not accept source routing +net.ipv4.conf.default.accept_source_route = 0 + # Controls the System Request debugging functionality of the kernel kernel.sysrq = 0 diff --git a/sysctl.conf.s390 b/sysctl.conf.s390 index ef22e8bb..0ddc1d55 100644 --- a/sysctl.conf.s390 +++ b/sysctl.conf.s390 @@ -9,6 +9,9 @@ net.ipv4.ip_forward = 0 # Controls source route verification net.ipv4.conf.default.rp_filter = 1 +# Do not accept source routing +net.ipv4.conf.default.accept_source_route = 0 + # Controls whether core dumps will append the PID to the core filename. # Useful for debugging multi-threaded applications. kernel.core_uses_pid = 1 diff --git a/sysctl.conf.sparc b/sysctl.conf.sparc index d96eafc3..3fc5c31b 100644 --- a/sysctl.conf.sparc +++ b/sysctl.conf.sparc @@ -9,6 +9,9 @@ net.ipv4.ip_forward = 0 # Controls source route verification net.ipv4.conf.default.rp_filter = 1 +# Do not accept source routing +net.ipv4.conf.default.accept_source_route = 0 + # Controls the System Request debugging functionality of the kernel kernel.sysrq = 0 |