*BSD News Article 54373


Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!simtel!lll-winken.llnl.gov!uwm.edu!chi-news.cic.net!newsfeed.internetmci.com!EU.net!Germany.EU.net!zib-berlin.de!news.tu-chemnitz.de!irz401!uriah.heep!not-for-mail
From: j@uriah.heep.sax.de (J Wunsch)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: IP Forwarding under FreeBSD
Date: 3 Nov 1995 00:11:16 +0100
Organization: Private FreeBSD site, Dresden.
Lines: 42
Message-ID: <47bj6k$g19@uriah.heep.sax.de>
References: <46ngrd$5hq@bilbo.nask.org.pl> <470e8d$1m8@uriah.heep.sax.de> <4775d9$bo@hptemp1.cc.umr.edu>
NNTP-Posting-Host: uriah.heep.sax.de
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit

serges <serges@rocket.cc.umr.edu> wrote:

>: Obsolete.  Use ``sysctl -w net.inet.ip.forwarding=1'' instead.
>
>"Obsolete" as of what release? True the sysctl approach is quicker - that 
>is if you like the idea of editing the kernel image as a matter of course 
>(and not as a hack)

The ``options GATEWAY'' hack has not been removed yet, but in
-current, its only remaining effect is to pre-enable IP forwarding.
(It used to have more side-effects in previous versions.)

Pre-enabling IP forwarding is forbidden by RFC.

sysctl is not a hack, it's a controlled interface to several kernel
variables.  (And yes, they are called ``variables'' since they are not
always constant. :-)  Unlike writing to those variables with kgdb, the
sysctl approach will also continue to work in higher security levels,
where access to /dev/mem is denied.

>: >ii) executed routed with -s option
>
>: Obsolete and dangerous.

>"dangerous" why?

Because it's "routed". :)

It's my understanding that routed is not the technically best piece of
software around.

>... I use it to delete inactive routes 
>created by pppd. Besides, my ppp interface is dynamic and requires that 
>the routing tables be flushed (or monitored) for sanity's sake.

Hmm, but this rather sounds like a problem with pppd.

-- 
cheers, J"org

joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE
Never trust an operating system you don't have sources for. ;-)