Writing directly to /proc versus using sysctl -w

--------------------------------------------------
Rise to the top 3% as a developer or hire one of them at Toptal: https://topt.al/25cXVn
--------------------------------------------------

Music by Eric Matyas
https://www.soundimage.org
Track title: Fantascape Looping

--

Chapters
00:00 Writing Directly To /Proc Versus Using Sysctl -W
00:32 Accepted Answer Score 7
01:39 Thank you

--

Full question
https://superuser.com/questions/570701/w...

--

Content licensed under CC BY-SA
https://meta.stackexchange.com/help/lice...

--

Tags
#linux #networking #security #kernel

#avk47

ACCEPTED ANSWER

Score 7

There is no difference. The sysctl command on Linux writes directly to files in /proc/sys. This snippet from the source code for sysctl proves it:

/*
 * Write a sysctl setting
 */
static int WriteSetting(const char *setting)
{
    /* ... */

    /* used to open the file */
    tmpname = xmalloc(equals - name + 1 + strlen(PROC_PATH));
    strcpy(tmpname, PROC_PATH);
    strncat(tmpname, name, (int) (equals - name));
    tmpname[equals - name + strlen(PROC_PATH)] = 0;
    /* change . to / */
    slashdot(tmpname + strlen(PROC_PATH), '.', '/');

    /* ... */

    fp = fopen(tmpname, "w");
    /* some error checking ... */
    rc = fprintf(fp, "%s\n", value);

    /* ... */
}

If you want something permanent you need to edit /etc/sysctl.conf or add a file under /etc/sysctl.d (e.g. /etc/sysctl.d/99-disable-ip-forwarding.conf) containing:

# Disable IP packet forwarding
net.ipv4.ip_forward = 0

By the way, some distributions already disable this explicitly by default. For example RHEL <= 6 or Fedora <= 15 have this in /etc/sysctl.conf:

# Controls IP packet forwarding
net.ipv4.ip_forward = 0

Fedora 20 doesn't disable it explictly anymore. There's not forwarding setting in /etc/sysctl.conf, /etc/sysctl.d/ or /usr/lib/sysctl.d/.