Date: Mon, 10 Dec 2001 17:22:11 +0000 From: Josh Paetzel <friar_josh@webwarrior.net> To: Chris Appleton <appleton_chris@yahoo.com> Cc: Josh Paetzel <friar_josh@webwarrior.net>, freebsd-questions@FreeBSD.ORG, wmoran@potentialtech.com Subject: Re: make install Message-ID: <20011210172211.O1432@twincat.vladsempire.net> In-Reply-To: <20011210222220.97227.qmail@web14805.mail.yahoo.com>; from appleton_chris@yahoo.com on Mon, Dec 10, 2001 at 02:22:20PM -0800 References: <20011210135754.L1432@twincat.vladsempire.net> <20011210222220.97227.qmail@web14805.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Thanks to both, you are right! I was treating > /compile/MYKERNEL as a file not another directory. (I > am coming from the 'dark' side if it's not obvious) > > > TCP_RESTRICT_RST is no longer a kernel option. This > > is now controlled > > by a knob in rc.conf. > > > So if I add tcp_restrict_rst="yes", would that qualify > as a 'knob' in rc.conf? Yes. That is exactly right. > > One more: This thing is going to be a filtering > bridge. Please don't convince me to do otherwise - > yet - but do I need to have gateway enabled to make > this work (along with enabling the bridge/ipfw with > net.link cmd's)? Is that the only way packets will > get fwd between adapters? > > Thx again No, bridging doesn't require that gateway_enabled="YES". Everything that comes in one interface goes out the other, and vise versa. Of course for an internet gateway, this means that all of the machines behind it must have public IPs. You might also want to take a look at the IPSTEALTH kernel option... Josh To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011210172211.O1432>