Date: Fri, 12 Apr 1996 08:32:24 -0500 (CDT) From: peter@nmti.com (Peter da Silva) To: j@uriah.heep.sax.de (J Wunsch) Cc: djr@saa-cons.co.uk, Firewalls@GreatCircle.COM, freebsd-hackers@freebsd.org Subject: Re: Solaris2.5 and BSD* - Facts Message-ID: <9604121332.AA11459@sonic.nmti.com.nmti.com> In-Reply-To: <199604111317.PAA05057@uriah.heep.sax.de> from "J Wunsch" at Apr 11, 96 03:17:21 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> source is also interesting to have. You can remove all the security > related ``extras'' in the kernel (IP forwarding, IP source routing, > log connection attempts, ...) if you've got the source. Starting with sys/netinet/ip_input.c:866 if (forward) { ip_forward(m, 1); return (1); } We've got a BSDI box here as well, and the same code uses a different approach to turn off these options. It took me a while to assure myself that the code was really doing the same thing in both cases. In the course of which I found myself sitting up in bed with my 10 year old son going over the code explaining IP option handling. Nothing like a code review to help you clarify your understanding of a program, and he seemed to be following the code better than some professional programmers I've worked with.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9604121332.AA11459>