Although not strictly necessary for a firewall, you may need to implement routing on your RHEL7 system. Often, this will be associated with multi-homed systems with more than one network interface card; however, this is not a requirement of network routing, which allows packets to be forwarded to the correct destination network. Network routing is enabled in procfs
in the /proc/sys/net/ipv4/ip_forward
file. If this file contains a value of 0
, then routing is disabled; if it has a value of 1
, routing is enabled. This can be set using the echo
command as follows:
# echo 1 > /proc/sys/net/ipv4/ip_forward
However, this is then turned on until the next reboot when the routing will revert to the configured setting. To make this setting permanent traditionally, the /etc/sysctl.conf
file has been used. It's now recommended to add you own configurations to /etc/sysctl.d/
. Here is an example of this:
# echo "net.ipv4.ip_forward = 1" > /etc/sysctl.d/ipforward.conf
This will create a...