Paul D. Robertson wrote:
> They probably want you to make sure each interface sends packets
> correctly, and that the route tables are set up correctly (static routing).
> If you take the default AIX setup, static routes are held in the ODBM
> database, so once you enter them, you should be fine. You should
> probably do that through SMIT.
ok, now I can get through the firewall (without firewall software
but none of the internal routers know how to respond to the unsecure
does this mean I have to add a static route to all internal(secure)
or how can I advertise routes to them?
> They get taken out of inetd.conf, and rc.tcpip, services just provides names,
> it doesn't enable protocols. The SNG code should block what's running there
> if you have your filters set correctly, but I tend to like to disable all
> the built-in protocols, sendmail, the R commands, and NFS seperately if I
> configure one of these beasts.
That makes sense, after I posted the question I realized that. Should
brain before fingers.