# [solved] net.ipv4.ip_forward automagically going back to 1?

## kukibl

I've been reading the Gentoo Security handbook and I ran into this part: http://www.gentoo.org/doc/en/security/security-handbook.xml?full=1#book_part1_chap9.

I uncommented the relevant /etc/sysctl.conf line; however, after a restart it still shows "1" instead of "0":

```
# sysctl -a | grep ip_forward
net.ipv4.ip_forward = 1
```

All other changes remain...

What is causing this? I'm running Shorewall as firewall and NetworkManager. Could any of these services affect this behaviour?

Thank you.

Alex

EDIT:

It seems that the Shorewall service affects this change (stopped both, then restarted). Which Shorewall conf file causes this change, does anyone know? I've used a pretty straightforward Shorewall HowTo (found on the Sabayon wiki), but there is nothing related to this topic.

Maybe a less elegant solution is to put something like "sysctl net.ipv4.ip_forward=0" into /etc/conf.d/local...?

EDIT no.2:

http://www.shorewall.net/manpages/shorewall.conf.html

The solution was to change IP_FORWARDING to "Off" in /etc/shorewall/shorewall.conf.

----------
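A configuration audit for the conflict described in the post, as an added example that is not part of the original thread: it reads `net.ipv4.ip_forward` from a sysctl.conf and `IP_FORWARDING` from a shorewall.conf and reports whether starting Shorewall will undo the sysctl value. The function names are hypothetical, the sample files in `demo` are constructed, and the `On`/`Off`/`Keep` values are those documented in the shorewall.conf man page linked above.

```shell
#!/bin/sh
# Added example (not from the thread): compare sysctl.conf with shorewall.conf.

# Print the last uncommented value assigned to key $1 in file $2.
conf_value() {
    [ -r "$2" ] || return 0
    key=$(printf '%s' "$1" | sed 's/\./\\./g')   # escape dots in the sysctl key
    sed -n "s/^[[:space:]]*${key}[[:space:]]*=[[:space:]]*//p" "$2" |
        sed 's/[[:space:]]*#.*$//; s/[[:space:]]*$//; s/^"//; s/"$//' |
        tail -n 1
}

# $1 = sysctl.conf path, $2 = shorewall.conf path.
# Prints a one-line verdict; returns 1 when Shorewall will undo the sysctl value.
check_forwarding() {
    want=$(conf_value net.ipv4.ip_forward "$1")
    sw=$(conf_value IP_FORWARDING "$2" | tr '[:upper:]' '[:lower:]')
    case "$sw" in
        on)   sets=1 ;;
        off)  sets=0 ;;
        keep) echo "OK: Shorewall keeps the existing value (sysctl.conf: ${want:-unset})"
              return 0 ;;
        *)    echo "UNKNOWN: IP_FORWARDING='${sw}' in $2, check the shorewall.conf man page"
              return 2 ;;
    esac
    if [ -n "$want" ] && [ "$want" != "$sets" ]; then
        echo "CONFLICT: sysctl.conf sets $want, Shorewall start sets $sets"
        return 1
    fi
    echo "OK: Shorewall sets $sets (sysctl.conf: ${want:-unset})"
}

# Constructed sample reproducing the situation in the post.
demo() {
    d=$(mktemp -d) || return 3
    printf 'net.ipv4.ip_forward = 0\n' > "$d/sysctl.conf"
    printf '# constructed sample\nIP_FORWARDING=On\n' > "$d/shorewall.conf"
    rc=0
    check_forwarding "$d/sysctl.conf" "$d/shorewall.conf" || rc=$?
    rm -rf "$d"
    return $rc
}
```

On a real host, source the file and run `check_forwarding /etc/sysctl.conf /etc/shorewall/shorewall.conf`.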

