JERALD JOSEPHS wrote:
> > You should not run in.routed nor should you run in.rdisc on your
> > firewall gateway.
OK, I'll buy this. My guess is that you shouldn't run routed because it
is susceptable to attack, as well as you don't want to advertise info
(routing info) about your network.
So, I turned them off (reboot with newly included defaultrouter file).
However, now I can't get packets to forward, even though:
1. IP forwarding is on (=1, I've even set it to 2 since I have a DMZ)
2. Routing table (netstat -rvn) still has all route/gateway pairs
including default
3. /etc/defaultrouter file has appropriate gateway
4. FW-1 is running (I've stopped (forwarding goes off) and restarted it)
Anything obviously out of whack? Any help would be greatly
appreciated...
Thanks, Joe
--
In theory, theory and practice are the same;
In practice, they're not even close!
References:
|
|
