How do I set up an insulating gateway?
Guy Middleton
gamiddleton at watmath.waterloo.edu
Fri Oct 20 00:57:38 AEST 1989
In article <20158 at mimsy.UUCP> chris at mimsy.UUCP (Chris Torek) writes:
| In article <20149 at mimsy.UUCP> I wrote:
| >>Or compile the kernel with the "ipforwarding" variable turned off, eh?
|
| >Then it would not be a gateway.
|
| What I missed was this (from the original article):
|
| >If I have a 4.3bsd (or 4.3-tahoe) machine with two IP interfaces, is
| >there any way to prevent packets from one net reaching the other? I
| >want the machine to be able to talk to either net, but nobody else
| ------
| >should be able to use it as an IP gateway. I can't think of any
| >obvious way of doing this.
|
| Such a machine is not a gateway, merely a multi-homed host. Turning
| off ipforwarding would do it.
It seems I should have been more explicit in my original query. The machine
really is on three nets, and I only want to isolate one of them. I mentioned
only two, for simplicity. Had I remembered the kernel ipforwarding variable,
I would have been more explicit. Chris's fix is actually what I was looking
for.
Thanks everybody else for reminding me about ipforwarding.
-Guy Middleton, University of Waterloo gamiddleton at watmath.waterloo.edu
(+1 519 885 1211 x3472) gamiddleton at watmath.uwaterloo.ca
More information about the Comp.unix.wizards
mailing list