summaryrefslogtreecommitdiff
path: root/man
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2015-04-24 19:53:38 +0200
committerLennart Poettering <lennart@poettering.net>2015-04-24 19:56:47 +0200
commit4046d8361c55c80ab8577aea52523b9e6eab0d0c (patch)
tree056b9bbe936be24d295fe43099e4a77d69e6970a /man
parente2f8d97a1316af5b2d5c1f69d12e33709e830a1b (diff)
downloadsystemd-4046d8361c55c80ab8577aea52523b9e6eab0d0c.tar.gz
systemd-4046d8361c55c80ab8577aea52523b9e6eab0d0c.tar.bz2
systemd-4046d8361c55c80ab8577aea52523b9e6eab0d0c.zip
man: extend documentation on IPForward= and IPMasquerade=
Mention the default values, and clarify how this relates to the underlying sysctls.
Diffstat (limited to 'man')
-rw-r--r--man/systemd.network.xml22
1 files changed, 20 insertions, 2 deletions
diff --git a/man/systemd.network.xml b/man/systemd.network.xml
index 087e9e2156..c7e4db4e3c 100644
--- a/man/systemd.network.xml
+++ b/man/systemd.network.xml
@@ -358,7 +358,24 @@
the routing table. Takes either a boolean argument, or the
values <literal>ipv4</literal> or <literal>ipv6</literal>,
which only enables IP forwarding for the specified address
- family.</para></listitem>
+ family. This controls the
+ <filename>net.ipv4.conf.&lt;interface&gt;.forwarding</filename>
+ and
+ <filename>net.ipv6.conf.&lt;interface&gt;.forwarding</filename>
+ sysctl options of the network interface (see <ulink
+ url="https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt">ip-sysctl.txt</ulink>
+ for details about sysctl options). Defaults to
+ <literal>no</literal>.</para>
+
+ <para>Note: unless this option is turned on, no IP
+ forwarding is done on this interface, even if this is
+ globally turned on in the kernel, with the
+ <filename>net.ipv4.ip_forward</filename> and
+ <filename>net.ipv4.ip_forward</filename> sysctl
+ options. Also, if this option is enabled for at least one
+ interface, the global options in the kernel are also enabled
+ as necessary, to ensure IP forwarding can take place.</para>
+ </listitem>
</varlistentry>
<varlistentry>
<term><varname>IPMasquerade=</varname></term>
@@ -366,7 +383,8 @@
interface. If enabled packets forwarded from the network
interface will be appear as coming from the local host.
Takes a boolean argument. Implies
- <varname>IPForward=yes</varname>.</para></listitem>
+ <varname>IPForward=yes</varname>. Defaults to
+ <literal>no</literal>.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>Bridge=</varname></term>