Sysctl: net.ipv4.ip_forward

This sysctl key defines if a system should allow forwarding of IPv4 network packets. This functionality is required for systems that act as a gateway or router.

IP forwarding is normally not required for most desktops and servers.

Values

Value	Description
0	Forwarding of packets is not allowed.
1	This system may forward packets to other networks

Most systems have by default net.ipv4.ip_forward set to value 0.

Show current value

The value of the net.ipv4.ip_forward can be retrieved using the sysctl command.

sysctl net.ipv4.ip_forward

or using the proc file system:

sysctl /proc/sys/net/ipv4/ip_forward

Configure new value

To apply a new value, use the option --write, followed by the key and value.

sysctl --write net.ipv4.ip_forward=NEWVALUE

To ensure that these changes are also applied during the next boot, add them to a configuration file, typically something like /etc/sysctl.d/99-custom.conf.

Feedback

This article has been written by our Linux security expert Michael Boelen. With focus on creating high-quality articles and relevant examples, he wants to improve the field of Linux security. No more web full of copy-pasted blog posts.

Discovered outdated information or have a question? Share your thoughts. Thanks for your contribution!