procps: update legacy sysctl.conf to fix rp_filter sysctl issue
The sysctl.conf file for procps is very outdated:
https://git.openembedded.org/openembedded-core/commit/?id=
8a9b9a323f4363e27138077e3e3dce8139a36708
(circa 2014)
The origin of this file is hard to determine and due to it's age
is causing a routing issue when both wifi and ethernet are enabled.
This manifested during an update from thud -> warrior due to the
following:
- upstream change in NetworkManager during 1.16 cycle removes the
dynamic setting of rp_filter sysctl when more than one interface
is enabled:
https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=
b1082aa9a711deb96652e5b2fcaefcf399d127b8
- open-embedded updated to NetworkManager 1.16 in March 2019:
https://git.openembedded.org/meta-openembedded/commit/meta-networking/recipes-connectivity/networkmanager?id=
5509328af9e4fab267251456f4d6e7bd51df779a
- setting in legacy sysctl.conf sets rp_filter to 1 which blocks
packets with different inbound and outbound addresses.
Documentation of rp_filter setting from kernel.org:
rp_filter - INTEGER
0 - No source validation.
1 - Strict mode as defined in RFC3704 Strict Reverse Path
Each incoming packet is tested against the FIB and if the interface
is not the best reverse path the packet check will fail.
By default failed packets are discarded.
2 - Loose mode as defined in RFC3704 Loose Reverse Path
Each incoming packet's source address is also tested against the FIB
and if the source address is not reachable via any interface
the packet check will fail.
This patch updates the sysctl.conf file to current which doesn't set
the rp_filter mode explicity (2 is the default).
NOTE: The kernel/pid_max=10000 setting has been commented out as this
may not be desired by default.
Signed-off-by: Michael Scott <mike@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
