Firewalls: Re: [FW1] Firewall 2.1 , Solaris and rouing

Firewalls
(February 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: [FW1] Firewall 2.1 , Solaris and rouing
From:	Roger Marquis <marquis @ roble . com>
Date:	Sun, 23 Feb 1997 12:13:10 -0800 (PST)
To:	Firewalls @ GreatCircle . COM
In-reply-to:	<199702221546 . HAA07806 @ miles . greatcircle . com>

JERALD JOSEPHS <jerald .
 josephs @
 Sun .
 COM> wrote:
> So we need to add a line to /etc/init.d/inetinit to set ip_forwarding
> to 0 if [ -z $defrouters ] returns 0.

Alternatively you could create /etc/notrouter to do the same thing.
The /etc/init.d/inetinit can also be used to set:

	ndd -set /dev/ip ip_forwarding 0
	ndd -set /dev/ip ip_forward_src_routed 0
	ndd -set /dev/ip ip_forward_directed_broadcasts 0

which can be tested from the command line:

	ndd /dev/ip ip_forwarding
	ndd /dev/ip ip_forward_src_routed
	ndd /dev/ip ip_forward_directed_broadcasts

Roger Marquis

Indexed By Date	Previous:	detecting foreign packets on ethernet From: gvc @ ocsystems . com (G. Vincent Castellano)
Indexed By Date	Next:	Re: CNET story on Microsoft defending ActiveX today From: DELETETHIS . KRIS @ KOEHNTOPP . DE (Kristian Köhntopp)
Indexed By Thread	Previous:	Re: [FW1] Firewall 2.1 , Solaris and rouing From: Ryan Russell/SYBASE <Ryan . Russell @ sybase . com>
Indexed By Thread	Next:	Re: [FW1] Firewall 2.1 , Solaris and rouing From: Ryan Russell/SYBASE <Ryan . Russell @ sybase . com>