I'm haven't tested this, but I'm pretty sure that this will take care of
the problem...
In the /etc/rc2.d/SXXinet file, hack it so it DOESN'T do a
ndd -set /dev/ip ip_forwarding 1
and does instead
ndd -set /dev/ip ip_forwarding 0
That way, if for some reason, the fwd process doesn't start, you aren't
left testing the wind speed with a delicate part of your anatomy.
The reason this works is cuz, fwd (apparently) increments the
ip_forwarding value on start-up.
B
potlicker @
morebbs .
com wrote:
>
> Me and Eivind De Reindeer were setting up a Firewall-1 machine on an
> experimental network and it looked like it was working fine. Then it
> crashed and came back up with security turned off. We know why it crashed
> but I no longer want anything to do with it. My reputation is a lot more
> important to me than a vendor's hype. Pride be a sin so I be sinful.
>
> I need to come up with a viable alternative, preferably something that
> can handle FDDI speeds as well as Ethernet.
>
> Given that firewalls are constantly evolving, which is the smartest packet
> filtering firewall that can handle FDDI and Ethernet? A proxy firewall wont
> work because of the need to handle a wide variety of Remote Procedure Calls.
>
> AssHoleForSure, (Dead) Gangsta Rap Singer
> alias
> PoT_LiCkEr
References:
|
|
