https://bugzilla.novell.com/show_bug.cgi?id=807257
https://bugzilla.novell.com/show_bug.cgi?id=807257#c1
Marcus Meissner changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WORKSFORME
--- Comment #1 from Marcus Meissner 2013-03-15 15:07:47 UTC ---
This is intentional and also hard to fix as the sysctl management is tricky.
(log_martians to 0 reduces security btw ;)
You can disable this setting globally in /etc/sysconfig/SuSEfirewall2
FW_KERNEL_SECURITY="no"
then SuSEfirewall2 will not touch any of these values.
## Type: yesno
#
# Do you want to enable additional kernel TCP/IP security features?
# If set to yes, some obscure kernel options are set.
# (icmp_ignore_bogus_error_responses, icmp_echoreply_rate,
# icmp_destunreach_rate, icmp_paramprob_rate, icmp_timeexeed_rate,
# ip_local_port_range, log_martians, rp_filter, routing flush,
# bootp_relay, proxy_arp, secure_redirects, accept_source_route
# icmp_echo_ignore_broadcasts, ipfrag_time)
#
# Tip: Set this to "no" until you have verified that you have got a
# configuration which works for you. Then set this to "yes" and keep it
# if everything still works. (It should!) ;-)
#
# Choice: "yes" or "no", if not set defaults to "yes"
#
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
