3

I followed a tutorial similar to this https://www.niftiestsoftware.com/2011/08/28/making-all-network-traffic-for-a-linux-user-use-a-specific-network-interface/

And started noticing that after a reboot the sysctl system settings weren't applied anymore, specifically these settings from /etc/sysctl.d/999-vpn.conf (also tried putting them in the 99-sysctl.conf file):

    net.ipv4.conf.all.rp_filter = 2
    net.ipv4.conf.default.rp_filter = 2
    net.ipv4.conf.enx002427fe2be7.rp_filter = 2

This is the error in my syslog:

    systemd-sysctl[289]: Couldn't write '2' to 'net/ipv4/conf/enx002427fe2be7/rp_filter', ignoring: No such file or directory

enx002427fe2be7 is the network interface name from my USB Network adapter that I use, and I'm guessing that the reason this fails is maybe because it hasn't been initialized yet when the sysctl command runs.

So to fix this I tried an upstart script, but even with exec sleep 60 && sysctl --system this didn't seem to work.

Manually running sysctl --system fixes it, but I'd rather have this automated.

What would be a proper way to fix this?

Using Ubuntu 16.04 LTS Server edition

xorinzor

1 Answer

3

A few things come to my mind:

  1. Ubuntu 16.04 uses systemd by default instead of upstart. So you could try to write a systemd unit instead of an upstart script.
  2. If you use /etc/network/interfaces to manage your network, you could add a line like the following to your interface:

    up sysctl net.ipv4.conf.enx002427fe2be7.rp_filter=2
    

    and remove the corresponding line from your /etc/sysctl.d/999-vpn.conf file.

    If you use NetworkManager, there is /etc/NetworkManager/dispatcher.d/ where you can put scripts to execute after a connection is made. Of course, in your script you should check that the interface that is brought up is actually your USB adapter.

    #!/bin/sh
    # NetworkManager passes the interface name as $1 and the action as $2
    if [ "$1" = 'enx002427fe2be7' ] && [ "$2" = 'up' ] ; then
        sysctl net.ipv4.conf.enx002427fe2be7.rp_filter=2
    fi
    

    Alternatively, you could put that script in /etc/network/if-up.d/. This should work for both ifupdown and NetworkManager. (Source: https://askubuntu.com/a/14139/726877). In that case you don't need the up line in /etc/network/interfaces.

    #!/bin/sh
    # ifupdown exports the interface name as $IFACE
    if [ "$IFACE" = 'enx002427fe2be7' ] ; then
        sysctl net.ipv4.conf.enx002427fe2be7.rp_filter=2
    fi
    

    These are just different ways to do the same thing: add the sysctl setting for the network adapter when the network adapter is brought up and therefore available but no sooner.

  • Thanks! very detailed and informative answer, it worked perfectly as well. I'll award the bounty when the site lets me – xorinzor May 24 '18 at 10:25
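
The if-up.d variant from the answer above, extended as an added example (not the answerer's code): it checks that the interface's rp_filter entry exists, writes the value, and then confirms the effective mode, since the kernel applies the higher of conf/all and the per-interface value. The function names, return codes and the CONF_ROOT override are assumptions made for this example, and it writes to /proc/sys directly instead of calling sysctl.

```shell
#!/bin/sh
# Added example: if-up.d style hook, not code from the original answer.
# CONF_ROOT is overridable so the functions can be exercised on a scratch directory.
CONF_ROOT="${CONF_ROOT:-/proc/sys/net/ipv4/conf}"
TARGET_IFACE="enx002427fe2be7"   # interface name from the question

# The kernel validates sources with max(conf/all, conf/IFACE), so report that.
effective_rp_filter() {
    erf_all=$(cat "$CONF_ROOT/all/rp_filter") || return 1
    erf_own=$(cat "$CONF_ROOT/$1/rp_filter") || return 1
    if [ "$erf_all" -gt "$erf_own" ]; then echo "$erf_all"; else echo "$erf_own"; fi
}

# set_rp_filter IFACE VALUE
# Returns 0 on success, 1 if the interface entry is missing or unwritable,
# 2 on bad arguments, 3 if conf/all forces a different effective mode.
set_rp_filter() {
    srf_if=$1
    srf_val=$2
    case $srf_val in 0|1|2) ;; *) echo "rp_filter: bad value '$srf_val'" >&2; return 2 ;; esac
    # The hook runs as root: refuse names that could escape CONF_ROOT.
    case $srf_if in ''|.|..|*/*) echo "rp_filter: bad interface name" >&2; return 2 ;; esac
    srf_file="$CONF_ROOT/$srf_if/rp_filter"
    if [ ! -e "$srf_file" ]; then
        echo "rp_filter: $srf_if not present yet" >&2   # the boot-time failure mode
        return 1
    fi
    printf '%s\n' "$srf_val" > "$srf_file" || return 1
    srf_eff=$(effective_rp_filter "$srf_if") || return 1
    if [ "$srf_eff" != "$srf_val" ]; then
        echo "rp_filter: $srf_if set to $srf_val but effective mode is $srf_eff" >&2
        return 3
    fi
    return 0
}

# ifupdown exports IFACE to scripts in /etc/network/if-up.d/.
if [ "${IFACE:-}" = "$TARGET_IFACE" ]; then
    set_rp_filter "$TARGET_IFACE" 2
fi
```

A return code of 3 means the write succeeded but conf/all holds a higher value, so the interface is not running in the mode that was requested.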