Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!simtel!news.kei.com!news.mathworks.com!tank.news.pipex.net!pipex!dispatch.news.demon.net!demon!palmer.demon.co.uk!palmer.demon.co.uk!not-for-mail From: gary@palmer.demon.co.uk (Gary Palmer) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: IPFORWARDING on FreeBSD2.0, Help Please Date: 1 Oct 1995 05:30:20 +0100 Organization: none Lines: 19 Message-ID: <44l5gs$2dq@palmer.demon.co.uk> References: <43ip24$as@mippet.ci.com.au> <445o0a$6st@uriah.heep.sax.de> <44f85t$kkg@mippet.ci.com.au> <44hl7j$5ku@uriah.heep.sax.de> NNTP-Posting-Host: pc.my.org X-NNTP-Posting-Host: palmer.demon.co.uk In article <44hl7j$5ku@uriah.heep.sax.de>, J Wunsch <j@uriah.heep.sax.de> wrote: >Just the opposite: don't turn net.inet.ip.forwarding on, or the >packets would bypass the firewall! Umm? If you are talking about a packet filtering firewall, you DO need net.inet.ip.forwarding to be == 1, otherwise the packet filter code is just so much dead weight. If the firewall is built out of proxy services, then yes, the forwarding option should be left ==0. Gary -- FreeBSD Core Member E-Mail: Gary@Palmer.Demon.co.uk, gpalmer@FreeBSD.org