From 57b5b2145c4e6779f0b879ee4199d46938f20965 Mon Sep 17 00:00:00 2001
From: Raja Grewal <rg_public@proton.me>
Date: Wed, 13 Jul 2022 04:30:43 +1000
Subject: [PATCH] enforce defualt net.ipv4.ip_forward

---
 etc/sysctl.d/30_security-misc.conf | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/etc/sysctl.d/30_security-misc.conf b/etc/sysctl.d/30_security-misc.conf
index 846c8b0..1b93769 100644
--- a/etc/sysctl.d/30_security-misc.conf
+++ b/etc/sysctl.d/30_security-misc.conf
@@ -108,6 +108,9 @@ net.ipv6.conf.default.accept_source_route=0
 net.ipv4.conf.default.rp_filter=1
 net.ipv4.conf.all.rp_filter=1
 
+## Disables IP forwarding (we are not a router!)
+net.ipv4.ip_forward=0
+
 #### meta end