[Bug 285591] IPv4 sysctl variable name change

Reply: bugzilla-noreply_a_freebsd.org: "[Bug 285591] IPv4 sysctl variable name change"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Sat, 22 Mar 2025 21:18:28 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=285591

            Bug ID: 285591
           Summary: IPv4 sysctl variable name change
           Product: Base System
           Version: 14.2-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: sbhmed@protonmail.com

Sysctl throws an unknown oid for the line
net.inet.ip.check_interface=1
The variable has been renamed
from
check_interface
to
rfc1122_strong_es

Documented as:
Enable a consistency check between the destination address
* and the arrival interface for a unicast packet (the RFC 1122
* strong ES model) with a list of additional predicates:
* - if IP forwarding is disabled
* - the packet is not locally generated
* - the packet is not subject to 'ipfw fwd'
* - Interface is not running CARP. If the packet got here, we already
* checked it with carp_iamatch() and carp_forus().

Default /etc/sysctl.conf change required:
old
IPv4 security additions
net.inet.ip.check_interface=1
new
IPv4 security additions
net.inet.ip.rfc1122_strong_es=1

==========
References
https://forums.freebsd.org/threads/sysctl-variable-throws-an-error-on-startup-net-inet-ip-check_interface.95439/
https://reviews.freebsd.org/D32912

-- 
You are receiving this mail because:
You are the assignee for the bug.