1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Tomato vs. DD WRT

Discussion in 'Tomato Firmware' started by Domini, Oct 12, 2008.

  1. Domini

    Domini Addicted to LI Member

    Hello

    Im new user of Tomato firmware, on WRT54GL router. Before Tomato i
    used DD WRT.
    I had one little script in Firewall script on DD WRT firmware, like this :

    #!/bin/sh

    #
    # Warning! As I don't use Emule or similiar programs I can't guaranty their function.
    # If you find a workable solution just add it to this wiki.
    # I found testing some of the setting manually that the ipfrag settings will break emule,
    # maybe some others too...
    #
    # Enjoy your enhanced security,
    #
    # St. Karitzl
    # info@user1.walztech.de
    # http://daywalker81.de.vu

    echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
    echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
    echo 1 > /proc/sys/net/ipv4/ip_forward

    # the following two parametes will break at least emule and are way too low to make sense.
    #echo 1024 > /proc/sys/net/ipv4/ipfrag_high_thresh
    #echo 512 > /proc/sys/net/ipv4/ipfrag_low_thresh
    echo 64000 > /proc/sys/net/ipv4/ipfrag_high_thresh
    echo 48000 > /proc/sys/net/ipv4/ipfrag_low_thresh
    #

    echo 10 > /proc/sys/net/ipv4/ipfrag_time
    echo 5 > /proc/sys/net/ipv4/icmp_ratelimit
    echo 1 > /proc/sys/net/ipv4/tcp_syncookies
    echo 0 > /proc/sys/net/ipv4/conf/vlan0 eth1 /accept_source_route
    echo 0 > /proc/sys/net/ipv4/conf/vlan0 eth1 /accept_redirects
    echo 1 > /proc/sys/net/ipv4/conf/vlan0 eth1 /log_martians
    echo 10 > /proc/sys/net/ipv4/neigh/vlan0 eth1 /locktime
    echo 0 > /proc/sys/net/ipv4/conf/vlan0 eth1 /proxy_arp
    echo 50 > /proc/sys/net/ipv4/neigh/vlan0 eth1 /gc_stale_time

    #
    # The following entries secure the last bit and provide a
    # moderate protection against man-in-the-middle attacks.
    #

    echo 0 > /proc/sys/net/ipv4/conf/eth1/send_redirects
    echo 0 > /proc/sys/net/ipv4/conf/eth1/secure_redirects
    echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
    echo 5 > /proc/sys/net/ipv4/igmp_max_memberships
    echo 2 > /proc/sys/net/ipv4/igmp_max_msf
    echo 1024 > /proc/sys/net/ipv4/tcp_max_orphans
    echo 2 > /proc/sys/net/ipv4/tcp_syn_retries
    echo 2 > /proc/sys/net/ipv4/tcp_synack_retries
    echo 1 > /proc/sys/net/ipv4/tcp_abort_on_overflow
    echo 10 > /proc/sys/net/ipv4/tcp_fin_timeout
    echo 0 > /proc/sys/net/ipv4/route/redirect_number
    echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
    echo 1 > /proc/sys/net/ipv4/conf/eth1/rp_filter
    echo 1 > /proc/sys/net/ipv4/tcp_syncookies
    echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route
    echo 61 > /proc/sys/net/ipv4/ip_default_ttl

    # DoS protection by tweaking the timeouts
    echo "1800" > /proc/sys/net/ipv4/tcp_keepalive_time
    echo "0" > /proc/sys/net/ipv4/tcp_window_scaling
    echo "0" > /proc/sys/net/ipv4/tcp_sack

    # We pretend to be a Checkpoint firewall on Windows XP
    echo 4096 87380 4194304 >/proc/sys/net/ipv4/tcp_rmem
    echo 4096 87380 4194304 >/proc/sys/net/ipv4/tcp_wmem

    # Check network overload (explicit congestion notification)
    echo 1 > /proc/sys/net/ipv4/tcp_ecn

    # Change port range for outgoing traffic
    echo "30000 60000" > /proc/sys/net/ipv4/ip_local_port_range

    # Change default queue size
    # Modified for DD-WRT because of missing proc entries

    echo 4096 > /proc/sys/net/ipv4/ip_conntrack_max

    # LED signal feedback when script ends
    sleep 1
    gpio enable 3
    sleep 1
    gpio disable 3
    sleep 1
    gpio enable 3
    sleep 1
    gpio disable 2
    sleep 1
    gpio enable 2
    sleep 1
    gpio disable 2

    # If you'd like to disable the web interface uncomment
    # the following line
    #killall httpd

    My Question is , could i use something simillar to
    this on Tomato and how to rewritte it to fit
    into Tomato?I do not use ssh, ftp telnet or anything
    else, i onlywanna have abiltiy to portforward ports
    and trigger them. On the other side i wanna have my
    network secured.Whit this script i had have a little bit
    more secured network. Im real noob whit iptable thang,
    and i would be very happy if i could get some custom
    iptables that block icmp, igmp multicast netbios, telnet
    and tweaks like this script for DD WRT had have.

    Sorry for my bad English,

    Me bb later ;) - Have a good time
     
  2. mstombs

    mstombs Network Guru Member

    You can very similar in tomato - paste in a firewall script into the web gui - you may have to reduce its size and fix the syntax errors though.

    You will find the Tomato author has already set sensible defaults for most, and web gui boxes for others. Check first what is running using ssh for example, mine current has:-

    Code:
    # cd /proc/sys/net/ipv4/
    # for f in *;do echo -n $f " = ";cat $f;done
    icmp_echo_ignore_all  = 0
    icmp_echo_ignore_broadcasts  = 0
    icmp_ignore_bogus_error_responses  = 0
    icmp_ratelimit  = 100
    icmp_ratemask  = 6168
    igmp_max_memberships  = 20
    inet_peer_gc_maxtime  = 120
    inet_peer_gc_mintime  = 10
    inet_peer_maxttl  = 600
    inet_peer_minttl  = 120
    inet_peer_threshold  = 32832
    ip_autoconfig  = 0
    ip_conntrack_max  = 4096
    ip_conntrack_tcp_timeouts  = 1800       14400   120     60      120     120     10      120     30      120
    ip_conntrack_udp_timeouts  = 30 180
    ip_default_ttl  = 64
    ip_dynaddr  = 0
    ip_forward  = 1
    ip_local_port_range  = 1024     4999
    ip_no_pmtu_disc  = 0
    ip_nonlocal_bind  = 0
    ipfrag_high_thresh  = 262144
    ipfrag_low_thresh  = 196608
    ipfrag_time  = 30
    tcp_abort_on_overflow  = 0
    tcp_adv_win_scale  = 2
    tcp_app_win  = 31
    tcp_dsack  = 1
    tcp_ecn  = 0
    tcp_fack  = 1
    tcp_fin_timeout  = 60
    tcp_keepalive_intvl  = 75
    tcp_keepalive_probes  = 9
    tcp_keepalive_time  = 7200
    tcp_max_orphans  = 4096
    tcp_max_syn_backlog  = 128
    tcp_max_tw_buckets  = 8192
    tcp_mem  = 5120 5632    6144
    tcp_orphan_retries  = 0
    tcp_reordering  = 3
    tcp_retrans_collapse  = 1
    tcp_retries1  = 3
    tcp_retries2  = 15
    tcp_rfc1337  = 0
    tcp_rmem  = 4096        43689   87378
    tcp_sack  = 1
    tcp_stdurg  = 0
    tcp_syn_retries  = 5
    tcp_synack_retries  = 5
    tcp_syncookies  = 0
    tcp_timestamps  = 1
    tcp_tw_recycle  = 0
    tcp_tw_reuse  = 0
    tcp_window_scaling  = 1
    tcp_wmem  = 4096        16384   65536
    Code:
    # for f in */*;do echo -n $f " = ";cat $f;done
    route/error_burst  = 500
    route/error_cost  = 100
    route/gc_elasticity  = 8
    route/gc_interval  = 60
    route/gc_min_interval  = 5
    route/gc_thresh  = 512
    route/gc_timeout  = 300
    route/max_delay  = 10
    route/max_size  = 8192
    route/min_adv_mss  = 256
    route/min_delay  = 2
    route/min_pmtu  = 552
    route/mtu_expires  = 600
    route/redirect_load  = 2
    route/redirect_number  = 9
    route/redirect_silence  = 2048
    Code:
    for f in */*/*;do echo -n $f " = ";cat $f;done
    conf/all/accept_redirects  = 0
    conf/all/accept_source_route  = 0
    conf/all/arp_filter  = 0
    conf/all/bootp_relay  = 0
    conf/all/forwarding  = 1
    conf/all/log_martians  = 0
    conf/all/mc_forwarding  = 0
    conf/all/medium_id  = 0
    conf/all/proxy_arp  = 0
    conf/all/rp_filter  = 1
    conf/all/secure_redirects  = 1
    conf/all/send_redirects  = 1
    conf/all/shared_media  = 1
    conf/all/tag  = 0
    conf/br0/accept_redirects  = 1
    conf/br0/accept_source_route  = 1
    conf/br0/arp_filter  = 0
    conf/br0/bootp_relay  = 0
    conf/br0/forwarding  = 1
    conf/br0/log_martians  = 0
    conf/br0/mc_forwarding  = 0
    conf/br0/medium_id  = 0
    conf/br0/proxy_arp  = 0
    conf/br0/rp_filter  = 1
    conf/br0/secure_redirects  = 1
    conf/br0/send_redirects  = 1
    conf/br0/shared_media  = 1
    conf/br0/tag  = 0
    conf/default/accept_redirects  = 1
    conf/default/accept_source_route  = 1
    conf/default/arp_filter  = 0
    conf/default/bootp_relay  = 0
    conf/default/forwarding  = 1
    conf/default/log_martians  = 0
    conf/default/mc_forwarding  = 0
    conf/default/medium_id  = 0
    conf/default/proxy_arp  = 0
    conf/default/rp_filter  = 1
    conf/default/secure_redirects  = 1
    conf/default/send_redirects  = 1
    conf/default/shared_media  = 1
    conf/default/tag  = 0
    conf/lo/accept_redirects  = 1
    conf/lo/accept_source_route  = 1
    conf/lo/arp_filter  = 0
    conf/lo/bootp_relay  = 0
    conf/lo/forwarding  = 1
    conf/lo/log_martians  = 0
    conf/lo/mc_forwarding  = 0
    conf/lo/medium_id  = 0
    conf/lo/proxy_arp  = 0
    conf/lo/rp_filter  = 1
    conf/lo/secure_redirects  = 1
    conf/lo/send_redirects  = 1
    conf/lo/shared_media  = 1
    conf/lo/tag  = 0
    conf/vlan1/accept_redirects  = 1
    conf/vlan1/accept_source_route  = 1
    conf/vlan1/arp_filter  = 0
    conf/vlan1/bootp_relay  = 0
    conf/vlan1/forwarding  = 1
    conf/vlan1/log_martians  = 0
    conf/vlan1/mc_forwarding  = 0
    conf/vlan1/medium_id  = 0
    conf/vlan1/proxy_arp  = 0
    conf/vlan1/rp_filter  = 1
    conf/vlan1/secure_redirects  = 1
    conf/vlan1/send_redirects  = 1
    conf/vlan1/shared_media  = 1
    conf/vlan1/tag  = 0
    conf/vlan2/accept_redirects  = 1
    conf/vlan2/accept_source_route  = 1
    conf/vlan2/arp_filter  = 0
    conf/vlan2/bootp_relay  = 0
    conf/vlan2/forwarding  = 1
    conf/vlan2/log_martians  = 0
    conf/vlan2/mc_forwarding  = 0
    conf/vlan2/medium_id  = 0
    conf/vlan2/proxy_arp  = 0
    conf/vlan2/rp_filter  = 1
    conf/vlan2/secure_redirects  = 1
    conf/vlan2/send_redirects  = 1
    conf/vlan2/shared_media  = 1
    conf/vlan2/tag  = 0
    neigh/br0/anycast_delay  = 100
    neigh/br0/app_solicit  = 0
    neigh/br0/base_reachable_time  = 60
    neigh/br0/delay_first_probe_time  = 10
    neigh/br0/gc_stale_time  = 120
    neigh/br0/locktime  = 100
    neigh/br0/mcast_solicit  = 6
    neigh/br0/proxy_delay  = 80
    neigh/br0/proxy_qlen  = 64
    neigh/br0/retrans_time  = 500
    neigh/br0/ucast_solicit  = 6
    neigh/br0/unres_qlen  = 3
    neigh/default/anycast_delay  = 100
    neigh/default/app_solicit  = 0
    neigh/default/base_reachable_time  = 60
    neigh/default/delay_first_probe_time  = 10
    neigh/default/gc_interval  = 30
    neigh/default/gc_stale_time  = 120
    neigh/default/gc_thresh1  = 128
    neigh/default/gc_thresh2  = 512
    neigh/default/gc_thresh3  = 1024
    neigh/default/locktime  = 100
    neigh/default/mcast_solicit  = 6
    neigh/default/proxy_delay  = 80
    neigh/default/proxy_qlen  = 64
    neigh/default/retrans_time  = 500
    neigh/default/ucast_solicit  = 6
    neigh/default/unres_qlen  = 3
    neigh/lo/anycast_delay  = 100
    neigh/lo/app_solicit  = 0
    neigh/lo/base_reachable_time  = 60
    neigh/lo/delay_first_probe_time  = 10
    neigh/lo/gc_stale_time  = 120
    neigh/lo/locktime  = 100
    neigh/lo/mcast_solicit  = 6
    neigh/lo/proxy_delay  = 80
    neigh/lo/proxy_qlen  = 64
    neigh/lo/retrans_time  = 500
    neigh/lo/ucast_solicit  = 6
    neigh/lo/unres_qlen  = 3
    neigh/vlan1/anycast_delay  = 100
    neigh/vlan1/app_solicit  = 0
    neigh/vlan1/base_reachable_time  = 60
    neigh/vlan1/delay_first_probe_time  = 10
    neigh/vlan1/gc_stale_time  = 120
    neigh/vlan1/locktime  = 100
    neigh/vlan1/mcast_solicit  = 6
    neigh/vlan1/proxy_delay  = 80
    neigh/vlan1/proxy_qlen  = 64
    neigh/vlan1/retrans_time  = 500
    neigh/vlan1/ucast_solicit  = 6
    neigh/vlan1/unres_qlen  = 3
    neigh/vlan2/anycast_delay  = 100
    neigh/vlan2/app_solicit  = 0
    neigh/vlan2/base_reachable_time  = 60
    neigh/vlan2/delay_first_probe_time  = 10
    neigh/vlan2/gc_stale_time  = 120
    neigh/vlan2/locktime  = 100
    neigh/vlan2/mcast_solicit  = 6
    neigh/vlan2/proxy_delay  = 80
    neigh/vlan2/proxy_qlen  = 64
    neigh/vlan2/retrans_time  = 500
    neigh/vlan2/ucast_solicit  = 6
    neigh/vlan2/unres_qlen  = 3
     
  3. Domini

    Domini Addicted to LI Member

    Hello

    Tnx for your replay mstombs.
    Im glad to hear that i can use script from DD WRT in Tomato.
    But i dont know how to fix syntax (noob 4 real) :D

    I tried this commands whit telnet as you showed, i get this : -

    Code:
    # for f in *;do echo -n $f " = ";cat $f;done
    conf  = cat: Read Error: Is a directory
    icmp_echo_ignore_all  = 0
    icmp_echo_ignore_broadcasts  = 0
    icmp_ignore_bogus_error_responses  = 0
    icmp_ratelimit  = 100
    icmp_ratemask  = 6168
    igmp_max_memberships  = 20
    inet_peer_gc_maxtime  = 120
    inet_peer_gc_mintime  = 10
    inet_peer_maxttl  = 600
    inet_peer_minttl  = 120
    inet_peer_threshold  = 16416
    ip_autoconfig  = 0
    ip_conntrack_max  = 4096
    ip_conntrack_tcp_timeouts  = 1800       14400   120     60      120     120     10      60      30      120
    ip_conntrack_udp_timeouts  = 30 180
    ip_default_ttl  = 64
    ip_dynaddr  = 0
    ip_forward  = 1
    ip_local_port_range  = 2048     4999
    ip_no_pmtu_disc  = 0
    ip_nonlocal_bind  = 0
    ipfrag_high_thresh  = 262144
    ipfrag_low_thresh  = 196608
    ipfrag_time  = 30
    neigh  = cat: Read Error: Is a directory
    route  = cat: Read Error: Is a directory
    tcp_abort_on_overflow  = 0
    tcp_adv_win_scale  = 2
    tcp_app_win  = 31
    tcp_dsack  = 1
    tcp_ecn  = 0
    tcp_fack  = 1
    tcp_fin_timeout  = 60
    tcp_keepalive_intvl  = 75
    tcp_keepalive_probes  = 9
    tcp_keepalive_time  = 7200
    tcp_max_orphans  = 2048
    tcp_max_syn_backlog  = 128
    tcp_max_tw_buckets  = 4096
    tcp_mem  = 2048 2560    3072
    tcp_orphan_retries  = 0
    tcp_reordering  = 3
    tcp_retrans_collapse  = 1
    tcp_retries1  = 3
    tcp_retries2  = 15
    tcp_rfc1337  = 0
    tcp_rmem  = 4096        43689   87378
    tcp_sack  = 1
    tcp_stdurg  = 0
    tcp_syn_retries  = 5
    tcp_synack_retries  = 5
    tcp_syncookies  = 0
    tcp_timestamps  = 1
    tcp_tw_recycle  = 0
    tcp_tw_reuse  = 0
    tcp_window_scaling  = 1
    tcp_wmem  = 4096        16384   65536
    Code:
    # for f in */*;do echo -n $f " = ";cat $f;done
    conf/all  = cat: Read Error: Is a directory
    conf/br0  = cat: Read Error: Is a directory
    conf/default  = cat: Read Error: Is a directory
    conf/lo  = cat: Read Error: Is a directory
    conf/ppp0  = cat: Read Error: Is a directory
    neigh/br0  = cat: Read Error: Is a directory
    neigh/default  = cat: Read Error: Is a directory
    neigh/lo  = cat: Read Error: Is a directory
    neigh/ppp0  = cat: Read Error: Is a directory
    route/error_burst  = 500
    route/error_cost  = 100
    route/flush  = cat: Read Error: Invalid argument
    route/gc_elasticity  = 8
    route/gc_interval  = 60
    route/gc_min_interval  = 5
    route/gc_thresh  = 512
    route/gc_timeout  = 300
    route/max_delay  = 10
    route/max_size  = 8192
    route/min_adv_mss  = 256
    route/min_delay  = 2
    route/min_pmtu  = 552
    route/mtu_expires  = 600
    route/redirect_load  = 2
    route/redirect_number  = 9
    route/redirect_silence  = 2048
    Code:
    # for f in */*/*;do echo -n $f " = ";cat $f;done
    conf/all/accept_redirects  = 0
    conf/all/accept_source_route  = 0
    conf/all/arp_filter  = 0
    conf/all/bootp_relay  = 0
    conf/all/forwarding  = 1
    conf/all/log_martians  = 0
    conf/all/mc_forwarding  = 0
    conf/all/medium_id  = 0
    conf/all/proxy_arp  = 0
    conf/all/rp_filter  = 1
    conf/all/secure_redirects  = 1
    conf/all/send_redirects  = 1
    conf/all/shared_media  = 1
    conf/all/tag  = 0
    conf/br0/accept_redirects  = 1
    conf/br0/accept_source_route  = 1
    conf/br0/arp_filter  = 0
    conf/br0/bootp_relay  = 0
    conf/br0/forwarding  = 1
    conf/br0/log_martians  = 0
    conf/br0/mc_forwarding  = 0
    conf/br0/medium_id  = 0
    conf/br0/proxy_arp  = 0
    conf/br0/rp_filter  = 1
    conf/br0/secure_redirects  = 1
    conf/br0/send_redirects  = 1
    conf/br0/shared_media  = 1
    conf/br0/tag  = 0
    conf/default/accept_redirects  = 1
    conf/default/accept_source_route  = 1
    conf/default/arp_filter  = 0
    conf/default/bootp_relay  = 0
    conf/default/forwarding  = 1
    conf/default/log_martians  = 0
    conf/default/mc_forwarding  = 0
    conf/default/medium_id  = 0
    conf/default/proxy_arp  = 0
    conf/default/rp_filter  = 1
    conf/default/secure_redirects  = 1
    conf/default/send_redirects  = 1
    conf/default/shared_media  = 1
    conf/default/tag  = 0
    conf/lo/accept_redirects  = 1
    conf/lo/accept_source_route  = 1
    conf/lo/arp_filter  = 0
    conf/lo/bootp_relay  = 0
    conf/lo/forwarding  = 1
    conf/lo/log_martians  = 0
    conf/lo/mc_forwarding  = 0
    conf/lo/medium_id  = 0
    conf/lo/proxy_arp  = 0
    conf/lo/rp_filter  = 1
    conf/lo/secure_redirects  = 1
    conf/lo/send_redirects  = 1
    conf/lo/shared_media  = 1
    conf/lo/tag  = 0
    conf/ppp0/accept_redirects  = 1
    conf/ppp0/accept_source_route  = 1
    conf/ppp0/arp_filter  = 0
    conf/ppp0/bootp_relay  = 0
    conf/ppp0/forwarding  = 1
    conf/ppp0/log_martians  = 0
    conf/ppp0/mc_forwarding  = 0
    conf/ppp0/medium_id  = 0
    conf/ppp0/proxy_arp  = 0
    conf/ppp0/rp_filter  = 1
    conf/ppp0/secure_redirects  = 1
    conf/ppp0/send_redirects  = 1
    conf/ppp0/shared_media  = 1
    conf/ppp0/tag  = 0
    neigh/br0/anycast_delay  = 100
    neigh/br0/app_solicit  = 0
    neigh/br0/base_reachable_time  = 60
    neigh/br0/delay_first_probe_time  = 10
    neigh/br0/gc_stale_time  = 120
    neigh/br0/locktime  = 100
    neigh/br0/mcast_solicit  = 6
    neigh/br0/proxy_delay  = 80
    neigh/br0/proxy_qlen  = 64
    neigh/br0/retrans_time  = 500
    neigh/br0/ucast_solicit  = 6
    neigh/br0/unres_qlen  = 3
    neigh/default/anycast_delay  = 100
    neigh/default/app_solicit  = 0
    neigh/default/base_reachable_time  = 60
    neigh/default/delay_first_probe_time  = 10
    neigh/default/gc_interval  = 30
    neigh/default/gc_stale_time  = 120
    neigh/default/gc_thresh1  = 128
    neigh/default/gc_thresh2  = 512
    neigh/default/gc_thresh3  = 1024
    neigh/default/locktime  = 100
    neigh/default/mcast_solicit  = 6
    neigh/default/proxy_delay  = 80
    neigh/default/proxy_qlen  = 64
    neigh/default/retrans_time  = 500
    neigh/default/ucast_solicit  = 6
    neigh/default/unres_qlen  = 3
    neigh/lo/anycast_delay  = 100
    neigh/lo/app_solicit  = 0
    neigh/lo/base_reachable_time  = 60
    neigh/lo/delay_first_probe_time  = 10
    neigh/lo/gc_stale_time  = 120
    neigh/lo/locktime  = 100
    neigh/lo/mcast_solicit  = 6
    neigh/lo/proxy_delay  = 80
    neigh/lo/proxy_qlen  = 64
    neigh/lo/retrans_time  = 500
    neigh/lo/ucast_solicit  = 6
    neigh/lo/unres_qlen  = 3
    neigh/ppp0/anycast_delay  = 100
    neigh/ppp0/app_solicit  = 0
    neigh/ppp0/base_reachable_time  = 60
    neigh/ppp0/delay_first_probe_time  = 10
    neigh/ppp0/gc_stale_time  = 120
    neigh/ppp0/locktime  = 100
    neigh/ppp0/mcast_solicit  = 6
    neigh/ppp0/proxy_delay  = 80
    neigh/ppp0/proxy_qlen  = 64
    neigh/ppp0/retrans_time  = 500
    neigh/ppp0/ucast_solicit  = 6
    neigh/ppp0/unres_qlen  = 3
    How does it looks to you?
    Could you fix the syntax in script i posted earylier?

    Bye

    Have a good time

    ------------------------------
    Domini
     
  4. mstombs

    mstombs Network Guru Member

    I was referring to this bit

    Code:
    echo 0 > /proc/sys/net/ipv4/conf/vlan0 eth1 /accept_source_route
    echo 0 > /proc/sys/net/ipv4/conf/vlan0 eth1 /accept_redirects
    echo 1 > /proc/sys/net/ipv4/conf/vlan0 eth1 /log_martians
    echo 10 > /proc/sys/net/ipv4/neigh/vlan0 eth1 /locktime
    echo 0 > /proc/sys/net/ipv4/conf/vlan0 eth1 /proxy_arp
    echo 50 > /proc/sys/net/ipv4/neigh/vlan0 eth1 /gc_stale_time
    Those file names don't look right, and I don't think the syntax is correct for multiple dirs.

    don't worry about those errors in the commands I showed, I just cut them from my post - you cant show the contents of a directory file!
     

Share This Page