From 6b6cd0a8b51eb0b569bc8b9a68d785702786d7fa Mon Sep 17 00:00:00 2001
From: Naredula Janardhana Reddy <jana@cloud.com>
Date: Fri, 4 Nov 2011 17:08:20 +0530
Subject: [PATCH] bug 11191: rp_filter changes. The following are summary of
 changes:    1) when network.disable.rpfilter is set to true, then rp_filter
 will be disadbled(set to 0) on all the public interfaces and also default
 setting of the system.    2) when network.disable.rpfilter is set to false,
 then rp_filter will be enabled(set to 1) on all the public interfaces and
 also default setting of the system.    3) here public public interface means
 , eth2 ... ethN. default setting means
 (/proc/sys/net/ipv4/conf/default/rp_filter).    4) Default setting change
 will have impact on non-public interface. Due to  these, rp_filter is always
 enabled on Non-public interfaces(eth0,eth1 and lo).    5) when  a new public
 interface is created, new interface will take rp_filter value from the
 default setting.

---
 patches/systemvm/debian/config/etc/init.d/cloud-early-config | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/patches/systemvm/debian/config/etc/init.d/cloud-early-config b/patches/systemvm/debian/config/etc/init.d/cloud-early-config
index 06d0f516339..a8c7cf0daa7 100755
--- a/patches/systemvm/debian/config/etc/init.d/cloud-early-config
+++ b/patches/systemvm/debian/config/etc/init.d/cloud-early-config
@@ -259,6 +259,10 @@ disable_rpfilter_domR() {
          echo "1" > /proc/sys/net/ipv4/conf/$vif/rp_filter
       done
   fi
+  log_it "cloud: Enabling rp_filter on Non-public interfaces(eth0,eth1)"
+  echo "1" > /proc/sys/net/ipv4/conf/eth0/rp_filter
+  echo "1" > /proc/sys/net/ipv4/conf/eth1/rp_filter
+  echo "1" > /proc/sys/net/ipv4/conf/lo/rp_filter
 }
 
 enable_svc() {