diff options
author | Avery Pennarun <apenwarr@gmail.com> | 2010-10-01 00:39:30 -0700 |
---|---|---|
committer | Avery Pennarun <apenwarr@gmail.com> | 2010-10-01 00:39:30 -0700 |
commit | f950a3800bb2b935e8b8addd57ed4f1e35eb9b0f (patch) | |
tree | a36480461d3fc758d742314d5cd50bbdd0fca157 | |
parent | 8b4466b802ff3fb19b80f5d594a188c4638b32d6 (diff) |
BSD: sysctl net.inet.ip.forwarding=1 is not necessary.
If your machine is a firewall/router, it affects whether people behind the
router can use your sshuttle connection - in the same way that it affects
whether they can route *anything* through you. And thus, it should be set
by the admin, not by sshuttle.
sshuttle works fine for the local user either way.
(This also affects MacOS since it's a BSD variant.)
-rw-r--r-- | firewall.py | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/firewall.py b/firewall.py index 8f57504..584b1af 100644 --- a/firewall.py +++ b/firewall.py @@ -129,7 +129,6 @@ def do_ipfw(port, subnets): if subnets: sysctl_set('net.inet.ip.fw.enable', 1) - sysctl_set('net.inet.ip.forwarding', 1) sysctl_set('net.inet.ip.scopedroute', 0) ipfw('add', sport, 'check-state', 'ip', |