summaryrefslogtreecommitdiffstats
path: root/Documentation/networking/netfilter-sysctl.txt
diff options
context:
space:
mode:
Diffstat (limited to 'Documentation/networking/netfilter-sysctl.txt')
-rw-r--r--Documentation/networking/netfilter-sysctl.txt10
1 files changed, 10 insertions, 0 deletions
diff --git a/Documentation/networking/netfilter-sysctl.txt b/Documentation/networking/netfilter-sysctl.txt
new file mode 100644
index 000000000000..55791e50e169
--- /dev/null
+++ b/Documentation/networking/netfilter-sysctl.txt
@@ -0,0 +1,10 @@
+/proc/sys/net/netfilter/* Variables:
+
+nf_log_all_netns - BOOLEAN
+ 0 - disabled (default)
+ not 0 - enabled
+
+ By default, only init_net namespace can log packets into kernel log
+ with LOG target; this aims to prevent containers from flooding host
+ kernel log. If enabled, this target also works in other network
+ namespaces. This variable is only accessible from init_net.
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-16 12:19:15 +0000