>
>
>> Wanted to test the results of turning on/off IP_FORWARDING in a Sun
>> 4.1.3.U1 kernel. First of all, I haven't yet found the blurb about
>> where you make this change. Have been browsing around in /sys/net and
>> looked through route.h, but couldn't find a mention of ipforwarding.
>> If anyone knows this off the top of their head, it would save me digging
>> through much piled paper.
>
>The file that ip_forwarding is declared in is /sys/netinet/ip_proto.c.
>Note: unless 4.1.3.U1 has changed from 4.1.3, turning off ip forwarding
>*does not* turn off source routing. If you have full sources you need
>to modify /sys/netinet/ip_input.c or get a patch from Sun to disable
>source routes. The default Sun configuration makes it trival for someone
>who has a modern telnet (like BSD 4.4 or NeXT's) to telnet through you
>firewall and into your internal network.
>
Excuse me, please correct me if I am wrong. However, since this is
a BSD derived system, I thimk you might prefer to set
options IPFORWARDING
in your kernel config file rather than mucking about in
/sys/netinet/ip_proto.c. This sets a manafest constant which
should do much more.
References:
|
|
