Date: Fri, 26 Jun 1998 22:29:22 +0200 (CEST) From: Blaz Zupan <blaz@gold.amis.net> To: Doug White <dwhite@resnet.uoregon.edu> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: IP redirects Message-ID: <Pine.BSF.3.96.980626222816.405A-100000@gold.amis.net> In-Reply-To: <Pine.BSF.3.96.980626104453.25008b-100000@resnet.uoregon.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
> > 1. Run gated on the FreeBSD box (which I would rather not do)
> > 2. Put the Cisco and the OR-HS into another subnet (which I don't like)
> > 3. Inhibit IP redirects (which somebody suggested could be done with ipfw)
> >
> > I think I'll pick number 3).
>
> Okay, in that case you need to find what message type redirects are, then
> block them from ipfw, specifying the ICMP message type to block.
Actually I finally picked solution number 4: turn off sending of IP
redirects on the Cisco ("no ip redirect" on the ether1 port).
> This should be on the ipfw man page.
Yes, agree, there's absolutely nothing on IP redirects in the ipfw
manpage.
Blaz Zupan, blaz@medinet.si, http://home.amis.net/blaz
Medinet d.o.o., Linhartova 21, 2000 Maribor, Slovenia
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980626222816.405A-100000>