How to Disable/Enable IP forwarding in Linux

This article describes how to Disable or Enable an IP forwarding in Linux.

Current IP forwarding status

Read a current state of IP forwarding:

# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1

Currently, the output number 1 indicates that the IP forwarding is enabled. The above value is read from the Linux proc file system and more precisely from the actual file /proc/sys/net/ipv4/ip_forward file:

# cat /proc/sys/net/ipv4/ip_forward
1

Disable IP forwarding

To disable IP forwarding on a running Linux system run:

# sysctl -w net.ipv4.ip_forward=0
net.ipv4.ip_forward = 0

The above command actually writes number 0 into the above mentioned file /proc/sys/net/ipv4/ip_forward. If from some reason the above command fails you can attempt to disable the IP forwarding manually by:

echo 0 > /proc/sys/net/ipv4/ip_forward

The above change is not reboot persistent. To permanently disable the IP forwarding on your Linux system edit /etc/sysctl.conf and add the following line:

net.ipv4.ip_forward = 0

Enable IP forwarding

The procedure to enable IP forwarding in Linux is the same as the above procedure to disable it, but instead, we use number 1 to turn IP forwarding ON.

# sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1

or alternatively:

echo 1 > /proc/sys/net/ipv4/ip_forward

To make the change permanent insert or edit the following line in edit /etc/sysctl.conf:

net.ipv4.ip_forward = 1