Category: Network

The rp_filter kernel setting.

The rp_filter – INTEGER

0 – No source validation.

1 – Strict mode as defined in RFC3704 Strict Reverse Path. Each incoming packet is tested against the FIB and if the interface is not the best reverse path the packet check will fail. By default failed packets are discarded.

2 – Loose mode as defined in RFC3704 Loose Reverse Path. Each incoming packet’s source address is also tested against the FIB and if the source address is not reachable via any interface the packet check will fail.

Current recommended practice in RFC3704 is to enable strict mode to prevent IP spoofing from DDos attacks. If using asymmetric routing or other complicated routing, then loose mode is recommended.

The max value from conf/{all,interface}/rp_filter is used when doing source validation on the {interface}. (Which means it can be set
on each individual interface, or globally. The global setting will override the individual interface settings).

Smokeping on Debian/Ubuntu.

To install smokeping:

root# apt-get install smokeping

Link in the smokeping apache config:

root# cd /etc/apache2/conf-available
root# ln -s ../../smokeping/apache2.conf smokeping.conf

Enable the config and mod_cgi:

root# a2enconf smokeping
root# a2enmod cgid

Reload Apache:

root# /etc/init.d/./apache2 reload

Configuration files can be found here: /etc/smokeping/config.d/

root# ls -la /etc/smokeping/config.d/
total 64
drwxr-xr-x 2 root root 4096 Nov 23 09:06 .
drwxr-xr-x 3 root root 4096 Nov 19 13:07 ..
-rw-r–r– 1 root root 165 Nov 19 12:41 Alerts
-rw-r–r– 1 root root 237 Jul 8 2014 Database
-rw-r–r– 1 root root 509 Nov 19 09:31 General
-rw-r–r– 1 root root 225 Jul 8 2014 pathnames
-rw-r–r– 1 root root 876 Jul 8 2014 Presentation
-rw-r–r– 1 root root 50 Jul 8 2014 Probes
-rw-r–r– 1 root root 147 Jul 8 2014 Slaves
-rw-r–r– 1 root root 9025 Nov 23 09:06 Targets
-rw-r–r– 1 root root 9039 Nov 23 09:00 Targets_okay
-rw-r–r– 1 root root 380 Jul 8 2014 Targets_orig
root#