From owner-freebsd-net Sat Apr 6 0:45:10 2002 Delivered-To: freebsd-net@freebsd.org Received: from iguana.icir.org (iguana.icir.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id 8869B37B419 for ; Sat, 6 Apr 2002 00:45:06 -0800 (PST) Received: (from rizzo@localhost) by iguana.icir.org (8.11.6/8.11.3) id g368iun24617; Sat, 6 Apr 2002 00:44:56 -0800 (PST) (envelope-from rizzo) Date: Sat, 6 Apr 2002 00:44:56 -0800 From: Luigi Rizzo To: Barry Irwin Cc: freebsd-net@FreeBSD.ORG Subject: Re: Packets lost when forwarding disabled Message-ID: <20020406004456.A24597@iguana.icir.org> References: <20020406100901.C62987@itouchlabs.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020406100901.C62987@itouchlabs.com> User-Agent: Mutt/1.3.23i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, Apr 06, 2002 at 10:09:01AM +0200, Barry Irwin wrote: > Hi All > > After mucking around on a firewall problem on the other side of the world > yesterday, the problem was that net.inet.ip.forwarding was set to off * the > gateway_enable had been mangled in rc.conf). Packets were being received by ... > I thought it would be useful to have a sysctl knob which would allow one to > cause these packets to be logged. From a security pov it would be > interesting to know if people are trying to use you as a gateway? > > Now for the real question, does somethign like this already exist, and am I netstat -s -p ip tells you that. cheers luigi > going to be re-inventing the whell if I add it to the kernel. I s the > another way of doing this? > > Thanks > Barry > > -- > Barry Irwin bvi@itouchlabs.com +27214875177 > Systems Administrator: Networks And Security > Itouch Labs http://www.itouchlabs.com South Africa > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message