Date: Tue, 02 Jan 2001 18:27:33 +0100 From: mouss <usebsd@free.fr> To: Miklos Niedermayer <mico@bsd.hu>, Attila Nagy <bra@fsn.hu> Cc: romualdo@uninet.com.br, freebsd-security@freebsd.org, freebsd-net@freebsd.org Subject: Re: IPSTEALTH - transparent router Message-ID: <4.3.0.20010102182437.02274f00@pop.free.fr> In-Reply-To: <20010102073023.D309@bsd.hu> References: <Pine.BSO.4.21.0101020647010.6665-100000@k2.jozsef.kando.hu> <3a50d8b7.3a6d.0@uninet.com.br> <Pine.BSO.4.21.0101020647010.6665-100000@k2.jozsef.kando.hu>
next in thread | previous in thread | raw e-mail | index | archive | help
At 07:30 02/01/01 +0100, Miklos Niedermayer wrote: >Hello, > >( > Attila Nagy) > > > > I have many routers with wavelan card working with freeBSD and i am > > > trying without sucessfull use IPSTEALTH work i want whem one machine > > > make traceroute dont show my router and go a way > > sysctl -w net.inet.ip.stealth=1 > >...or you can live happy with IPFilter's fastroute feature, that does >exactly what you want. there are differences though. - with the sysctl, stealth applies to all connections, but packets follow the "standard" stack - with ipfilter, you can force selective "stealth", but you follow ipfilter forwarding functions. according to ipfilter docs, there are concerns. not a real problem, but one should know about. cheers, mouss To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.0.20010102182437.02274f00>