Re: /proc/sys/net/* proliferation

Alan Cox (alan@LXORGUK.UKUU.ORG.UK)
Sun, 14 Sep 1997 18:58:51 +0100 (BST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Al Longyear: "Re: [2.1.54/55] who owns ppp.c?"
Previous message: Andi Kleen: "Re: /proc/sys/net/* proliferation"
In reply to: Bryan Andregg: "Re: /proc/sys/net/* proliferation"
Next in thread: Bryan Andregg: "Re: /proc/sys/net/* proliferation"

> >RFC1122 does indeed require that a system is a host by default and routing
> >must be switched on. In 2.1.x this problem goes away (its a sysctl), in
> >2.0.x a vendor could always ship a seperate kernel
> >
>
> So then would an appropriate solution also be to ship with forwarding on (in the
> kernel) but the forwarding policy set to 'reject.' This would require an
> enabling command then.

The kernel then ignores ICMP redirect messages as its a router with firewalls
not a host.

Next message: Al Longyear: "Re: [2.1.54/55] who owns ppp.c?"
Previous message: Andi Kleen: "Re: /proc/sys/net/* proliferation"
In reply to: Bryan Andregg: "Re: /proc/sys/net/* proliferation"
Next in thread: Bryan Andregg: "Re: /proc/sys/net/* proliferation"