我只是偶然发现它cat /proc/sys/net/ipv4/ip_forward返回 1。我不记得net.ipv4.ip_forward以前启用过,但由于我的系统已经运行了好几年了,我也不能排除这一点。
我不希望默认情况下4.14.3-1-ARCH有net.ipv4.ip_forward = 1这个功能,那么在什么地方可以启用它呢?我知道/etc/sysctl.d,但那里的文件都没有指定 IP 转发。不过,它在重新启动后仍然存在,那么它可以在哪里启用呢?谢谢!
编辑:我的接口是:
$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: wlp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DORMANT group default qlen 1000
link/ether a4:34:d9:a2:33:7f brd ff:ff:ff:ff:ff:ff
3: enp0s31f6: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN mode DEFAULT group default qlen 1000
link/ether 54:ee:75:8e:ef:37 brd ff:ff:ff:ff:ff:ff
4: pan1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/ether 2e:02:14:5b:d8:21 brd ff:ff:ff:ff:ff:ff
编辑2:我的-iptable 的内容filter:
# iptables -t filter -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
编辑3:我偶然发现了一个pan1在 NetworkManager 中调用的连接,它始终处于连接状态,并且可能对应于网络接口pan1。有趣的是,它处于bridge- 模式。不幸的是,我无法想象手动创建此连接,并且我找不到它来自哪里(grep -rn "pan1" /etc/NetworkManager/system-connections/没有输出)。我的第一个怀疑是删除所有配对的蓝牙设备,但没有效果。这是连接的内容:
$ nmcli connection show pan1
connection.id: pan1
connection.uuid: fc8c690c-3874-48df-8ccb-98a0fc698604
connection.stable-id: --
connection.type: bridge
connection.interface-name: pan1
connection.autoconnect: no
connection.autoconnect-priority: 0
connection.autoconnect-retries: -1 (default)
connection.auth-retries: -1
connection.timestamp: 1512614672
connection.read-only: no
connection.permissions: --
connection.zone: --
connection.master: --
connection.slave-type: --
connection.autoconnect-slaves: -1 (default)
connection.secondaries: --
connection.gateway-ping-timeout: 0
connection.metered: unknown
connection.lldp: default
ipv4.method: manual
ipv4.dns: --
ipv4.dns-search: --
ipv4.dns-options: ""
ipv4.dns-priority: 100
ipv4.addresses: 10.228.230.1/24
ipv4.gateway: --
ipv4.routes: --
ipv4.route-metric: -1
ipv4.route-table: 0 (unspec)
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-client-id: --
ipv4.dhcp-timeout: 0 (default)
ipv4.dhcp-send-hostname: yes
ipv4.dhcp-hostname: --
ipv4.dhcp-fqdn: --
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.dad-timeout: -1 (default)
ipv6.method: ignore
ipv6.dns: --
ipv6.dns-search: --
ipv6.dns-options: ""
ipv6.dns-priority: 100
ipv6.addresses: --
ipv6.gateway: --
ipv6.routes: --
ipv6.route-metric: -1
ipv6.route-table: 0 (unspec)
ipv6.ignore-auto-routes: no
ipv6.ignore-auto-dns: no
ipv6.never-default: no
ipv6.may-fail: yes
ipv6.ip6-privacy: -1 (unknown)
ipv6.addr-gen-mode: stable-privacy
ipv6.dhcp-send-hostname: yes
ipv6.dhcp-hostname: --
ipv6.token: --
bridge.mac-address: --
bridge.stp: no
bridge.priority: 32768
bridge.forward-delay: 0
bridge.hello-time: 1
bridge.max-age: 19
bridge.ageing-time: 299
bridge.group-forward-mask: 0
bridge.multicast-snooping: yes
proxy.method: none
proxy.browser-only: no
proxy.pac-url: --
proxy.pac-script: --
GENERAL.NAME: pan1
GENERAL.UUID: fc8c690c-3874-48df-8ccb-98a0fc698604
GENERAL.DEVICES: pan1
GENERAL.STATE: activated
GENERAL.DEFAULT: no
GENERAL.DEFAULT6: no
GENERAL.SPEC-OBJECT: --
GENERAL.VPN: no
GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/2
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/62
GENERAL.ZONE: --
GENERAL.MASTER-PATH: --
IP4.ADDRESS[1]: 10.228.230.1/24
IP4.GATEWAY: --
IP4.ROUTE[1]: dst = 10.228.230.0/24, nh = 0.0.0.0, mt = 0
IP6.GATEWAY: --