</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>IPv4SrcValidMark=</varname></term>
+ <listitem>
+ <para>Takes a boolean. When enabled, the packet's firewall mark (fwmark) is included in the
+ reverse path filter route lookup for source address validation on this interface. This is
+ particularly useful for policy routing setups where packets may arrive with source addresses
+ that are only valid in routing tables selected by their fwmark. When unset, the kernel's
+ default will be used.</para>
+
+ <xi:include href="version-info.xml" xpointer="v261"/>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term><varname>IPv4ProxyARP=</varname></term>
<listitem>
static int link_set_ipv4_src_valid_mark(Link *link) {
assert(link);
assert(link->manager);
+ assert(link->network);
if (!link_is_configured_for_family(link, AF_INET))
return 0;
IPv6ProxyNDP=yes
IPv6AcceptRA=no
IPv4AcceptLocal=yes
+IPv4SrcValidMark=yes
IPv4ReversePathFilter=no
MulticastIGMPVersion=v1
self.check_ipv4_sysctl_attr('dummy98', 'proxy_arp', '1')
self.check_ipv4_sysctl_attr('dummy98', 'proxy_arp_pvlan', '1')
self.check_ipv4_sysctl_attr('dummy98', 'accept_local', '1')
+ self.check_ipv4_sysctl_attr('dummy98', 'src_valid_mark', '1')
self.check_ipv4_sysctl_attr('dummy98', 'rp_filter', '0')
self.check_ipv4_sysctl_attr('dummy98', 'force_igmp_version', '1')
projects / thirdparty / systemd.git / commitdiff
