Firewalls: Re: IP

Firewalls
(March 1994)

Indexed By Thread: [Previous] [Next]

Subject:	Re: IP_FORWARDING
From:	Icarus Sparry <I . Sparry @ midge . bath . ac . uk>
Date:	Fri, 4 Mar 94 20:57:27 GMT
To:	"Jeffrey D. LaCoursiere" <lacoursj @ uprc . com>
Cc:	firewalls @ greatcircle . com, dallas @ dfw . paranet . com, sun-managers-relay @ ra . mcs . anl . gov
Reply-to:	I . Sparry @ bath . ac . uk

By default, a Sun with only a single interface will not forward an IP
packet.

/sys/netinet/in_proto.c has suitable comments to explain what the
variable ip_forwarding means. Essentially it will only forward
packets if the value is >0, and it will be 0 is there is only
one interface.

options IPFORWARDING=-1

in the configuration file (in /sys/`uname -m`/conf) will ensure that it
will never forward a packet, even if you add another interface.

Icarus

Follow-Ups:

Re: IP_FORWARDING
From: Bill Gianopoulos <wag @ sccux1 . msd . ray . com>
Re: IP_FORWARDING
From: randy @ psg . com (Randy Bush)

Indexed By Date	Previous:	Re: InterLock SMTP Update From: Eric Nowak <nowak @ reston . ans . net>
Indexed By Date	Next:	sorry, here is an example why some need anonymous mail: From: mn @ NittmannMi . lax . trane . com (Michael Nittmann)
Indexed By Thread	Previous:	Re: IP_FORWARDING From: jpf @ mig . com (Jack Flory)
Indexed By Thread	Next:	Re: IP_FORWARDING From: randy @ psg . com (Randy Bush)