Date: Wed, 25 Mar 1998 10:26:37 +0000 From: Karl Pielorz <kpielorz@tdx.co.uk> To: isp@FreeBSD.ORG Subject: Kernel sysctl... Message-ID: <3518DBDD.79E76018@tdx.co.uk>
next in thread | raw e-mail | index | archive | help
While looking through the sysctl's I found the one: net.inet.ip.redirect=1 Does this mean what I think it does? (i.e. that the kernel will honour icmp redirects?) - Our firewall drops all sourcerouted packets etc. - but is there anything wrong with setting this to '0' as well? (just to be sure)? I guess if I do this I'm going to have to make sure each box knows about the network (at the moment they actually do get ICMP redirects from our default router - telling them where the different bits of our subnetted network are... :-( Also: net.inet.ip.sourceroute=0 I presume means the kernel will also drop source-routed packets? (as well as our ipfw blocking them?) Is there any way of setting this in the Kernel at compile time (I've looked around in LINT to no avail... :-( Were running 2.2.5-R... Regards, Karl Pielorz To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3518DBDD.79E76018>