I don't think this is correct, it should be disabled by default(net.ipv4.ip_forw... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

bogomipz on Sept 27, 2019 | parent | context | favorite | on: Upstreaming multipath TCP

I don't think this is correct, it should be disabled by default(net.ipv4.ip_forward=0). At least it is in the major distros I'm familiar with. What distro are you using?

yrro on Oct 1, 2019 [–]

Distros disable it by default but it gets silently enabled when you install things like docker (and maybe livbirt) and so on.

At least Docker (as it was pointed out by a sibling reply to my comment) also sets the FORWARD chain policy to DROP.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact