Fix errors setting '/proc/sys/net/ipv4/ip_dynaddr'.

conf/default_basic_behavior.conf

@@ -62,7 +62,7 @@ allow_speedtest=true
 # Gaming
 #
 # Playstation (PS), Xbox, FiFa
-# 
+#
 allow_game_xbox_one_out=false
 allow_game_xbox_360_out=false
 allow_game_ps3_out=false
@@ -82,10 +82,10 @@ allow_game_call_of_duty=false
 # - Services allowed between local networks
 # ---
 
-# - These Parameters are only considered, if traffic 
+# - These Parameters are only considered, if traffic
-# - between local networks are not permitted, thats 
+# - between local networks are not permitted, thats
 # - if 'permit_between_local_networks=false' (see below).
-# - 
+# -
 allow_ssh_between_local_nets=true
 allow_samba_between_local_nets=false
 allow_ldap_between_local_nets=false
@@ -116,8 +116,8 @@ permit_all_icmp_traffic=true
 # -
 provide_mailservice_from_local=true
 
-# - iPerf is a tool for active measurements of the maximum achievable bandwidth on IP networks. 
+# - iPerf is a tool for active measurements of the maximum achievable bandwidth on IP networks.
-# - It supports tuning of various parameters related to timing, buffers and protocols (TCP, UDP, 
+# - It supports tuning of various parameters related to timing, buffers and protocols (TCP, UDP,
 # - SCTP with IPv4 and IPv6). For each test it reports the bandwidth, loss, and other parameters.
 # -
 create_iperf_rules=false
@@ -128,6 +128,38 @@ create_iperf_rules=false
 # --- Router IPv4
 # =============
 
+# - Activate forwarding
+# -
+# - Enable/disable forwarding to and between interfaces
+# -
+kernel_activate_forwarding=true
+
+# - Activate kernel support for dynamic IP adresses
+# - (not needed in case of static IP)
+# -
+# - see also https://www.frozentux.net/iptables-tutorial/other/ip_dynaddr.txt
+# -
+# - The values for the ip_dynaddr sysctl are [*]:
+# -
+# -   1:  To enable:
+# -   2:  To enable verbosity:
+# -
+# -  [*] At boot, by default no address rewriting is attempted.
+# -  [**] This code is currently totaly untested.
+# -
+# - Flags can be combined by adding them. Common settings
+# - would be:
+# -
+# - To enable rewriting in quiet mode:
+# -   # echo 1 > /proc/sys/net/ipv4/ip_dynaddr
+# - To enable rewriting in verbose mode:
+# -   # echo 2 > /proc/sys/net/ipv4/ip_dynaddr
+# - ...
+# -
+kernel_support_dynaddr=true
+default_dynaddr_flag=2
+
+
 # - Set to "true" to secure/tune the kernel
 # -
 adjust_kernel_parameters=true

conf/main_ipv4.conf.sample

@@ -1989,7 +1989,7 @@ kernel_activate_forwarding=true
 # - ...
 # -
 kernel_support_dynaddr=true
-dynaddr_flag="3"
+dynaddr_flag="$default_dynaddr_flag"
 
 # - Reduce DoS'ing ability by reducing timeouts
 # -

ipt-firewall-gateway

@@ -156,13 +156,20 @@ else
    echo_done
 fi
 
+if [[ -z "$dynaddr_flag" ]] ; then
+   dynaddr_flag=$default_dynaddr_flag
+fi
 if $kernel_support_dynaddr ; then
    echononl "\tActivate kernel support for dynamic addresses.."
-   if [[ -n $dynaddr_flag ]] && [[ $dynaddr_flag =~ ^-?[0-9]+$ ]]; then
+   if [[ -n $dynaddr_flag ]] && [[ $dynaddr_flag =~ ^-?[0-3]+$ ]]; then
       echo $dynaddr_flag > /proc/sys/net/ipv4/ip_dynaddr
       echo_done
    else
       echo_failed
+
+      echononl "\t\tSet '/proc/sys/net/ipv4/ip_dynaddr' to '2'"
+      echo 2 > /proc/sys/net/ipv4/ip_dynaddr
+      echo_done
    fi
 else
    echo 0 > /proc/sys/net/ipv4/ip_dynaddr