From owner-freebsd-questions  Wed Jan 10 12:21:45 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from be-well.ilk.org (lowellg.ne.mediaone.net [24.147.184.128])
	by hub.freebsd.org (Postfix) with ESMTP id 27F4837B400
	for <freebsd-questions@freebsd.org>; Wed, 10 Jan 2001 12:21:28 -0800 (PST)
Received: (from lowell@localhost)
	by be-well.ilk.org (8.11.1/8.11.1) id f0AKLLx69297;
	Wed, 10 Jan 2001 15:21:21 -0500 (EST)
	(envelope-from lowell)
To: freebsd-questions@freebsd.org
Subject: Re: Networking Question.
References: <447l43mn8i.fsf@lowellg.ne.mediaone.net> <Pine.SOL.4.21.0101101451480.1497-100000@gradient.cis.upenn.edu>
From: Lowell Gilbert <lowell@world.std.com>
Date: 10 Jan 2001 15:21:21 -0500
In-Reply-To: agoodloe@gradient.cis.upenn.edu's message of "10 Jan 2001 20:56:54 +0100"
Message-ID: <448zoj6tvi.fsf@lowellg.ne.mediaone.net>
Lines: 19
X-Mailer: Gnus v5.7/Emacs 20.7
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

agoodloe@gradient.cis.upenn.edu (Alwyn Goodloe) writes:

>  
> Your solution of  Not enabling net.inet.ip.fw.enable sounds like it
> would keep machines outside of the private network from mistaking
> the private network's box as a router but the box would no longer act as
> a router for the local network. I may be misunderstanding something.

No, I was clearly wise to have included "assuming I understand the
question correctly" in my original message.  I didn't.

You're right; the machines on the outside net wouldn't access that
machine unless they were told about it somehow, and there are a
limited number of ways that can happen.  One is routing protocols
(although that would only affect other machines also running the same
protocols, which would probably be other routers).  Aside from that,
manual configuration is the only way anyone outside could decide to
send packets to your router for further forwarding.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message