> Wanted to test the results of turning on/off IP_FORWARDING in a Sun
> 4.1.3.U1 kernel. First of all, I haven't yet found the blurb about
> where you make this change. Have been browsing around in /sys/net and
> looked through route.h, but couldn't find a mention of ipforwarding.
> If anyone knows this off the top of their head, it would save me digging
> through much piled paper.
The file that ip_forwarding is declared in is /sys/netinet/ip_proto.c.
Note: unless 4.1.3.U1 has changed from 4.1.3, turning off ip forwarding
*does not* turn off source routing. If you have full sources you need
to modify /sys/netinet/ip_input.c or get a patch from Sun to disable
source routes. The default Sun configuration makes it trival for someone
who has a modern telnet (like BSD 4.4 or NeXT's) to telnet through you
firewall and into your internal network.
--mark
Follow-Ups:
|
|
