SUMMARY: ip forwarding

From: Ed Baxter (edward@pii.com)
Date: Thu Dec 22 1994 - 15:17:46 CST

my original question was:

>I have a machine on the network that was once used as a firewall and
>mailhost. We now have a firewall router that I want to use instead. I
>believe the sun box has had "ip forwarding" turned off and I need to
>know what is involved in turning it back "on".
>

The following was sent by Nate Itkin, and covers all the answers I recieved.

----- Begin Included Message -----

 for SunOS 4.1.3 :
  
  67) How do I disable/enable packet forwarding?
  
          Under 4.1 and above(does not include SunOS 5.x),
          you can do this by using one of the following methods:
  
          adb -k -w /vmunix /dev/mem
          ip_forwarding?
          _ip_forwarding:
          _ip_forwarding: 0 = unimp 0x0
  
          ip_forwarding/w -1 <- changes in running kernel only!
          ip_forwarding?w -1 <- changes running kernel and disk image
  
          or
  
          In your kernel configuration file (... /sys/netinet/in_proto.c),
          insert the following line:
  
          options "IPFORWARDING=-1"
  
          Note: The above example disables packet forwarding.
  
          Here is a list of IP forwarding options
          (from /usr/kvm/sys/netinet/in_proto.c)
                  ip_forwarding = -1 -- never forward; never change this value.
                  ip_forwarding = 0 -- don't forward; set this value to 1
                                         when two interfaces are up.
                  ip_forwarding = 1 -- always forward.
  
  
  
          options IPFORWARDING="-1"
  
  
  You could do it before the ifconfig commands in /etc/rc.boot with e.g.
  echo "ip_forwarding/W 0" | adb -k -w /vmunix /dev/mem
  
  In Solaris 2 systems set it with 'ndd -set /dev/ip ip_forwarding -1'.
  
  Make sure routed does not advertise routes, either do not run routed or
  run 'in.routed -q' for quiet mode - no broadcasts are sent.
  
  
 
----- End Included Message -----

thanks to :

        Nate Itkin <Nate-Itkin@ptdcs2.intel.com>
        gregr@cibc.com (Greg Roberts)
        Bradley.Richard.Long@att.com
        Markly Dykeman <markly@cor.cerfnet.com>
        sunman@telecom.telecom.com (Sun Managers at Telecom)
        John Valdes <valdes@geosun.uchicago.edu>
        perryh@pluto.rain.com (Perry Hutchison)
        John Elliot <johne@aiai.edinburgh.ac.uk>
        david@srv.PacBell.COM (David St. Pierre)
        Andy Kumeda <kumeda@dt.wdc.com>
        grevemes@VTC.TACOM.Army.Mil (Steven Grevemeyer)
        Keizo Fujii <keizof@sfc.keio.ac.jp>
        

Ed Baxter
Praegitzer Design

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:09:17 CDT