From owner-freebsd-questions Wed Jan 10 12:21:45 2001 Delivered-To: freebsd-questions@freebsd.org Received: from be-well.ilk.org (lowellg.ne.mediaone.net [24.147.184.128]) by hub.freebsd.org (Postfix) with ESMTP id 27F4837B400 for ; Wed, 10 Jan 2001 12:21:28 -0800 (PST) Received: (from lowell@localhost) by be-well.ilk.org (8.11.1/8.11.1) id f0AKLLx69297; Wed, 10 Jan 2001 15:21:21 -0500 (EST) (envelope-from lowell) To: freebsd-questions@freebsd.org Subject: Re: Networking Question. References: <447l43mn8i.fsf@lowellg.ne.mediaone.net> From: Lowell Gilbert Date: 10 Jan 2001 15:21:21 -0500 In-Reply-To: agoodloe@gradient.cis.upenn.edu's message of "10 Jan 2001 20:56:54 +0100" Message-ID: <448zoj6tvi.fsf@lowellg.ne.mediaone.net> Lines: 19 X-Mailer: Gnus v5.7/Emacs 20.7 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG agoodloe@gradient.cis.upenn.edu (Alwyn Goodloe) writes: > > Your solution of Not enabling net.inet.ip.fw.enable sounds like it > would keep machines outside of the private network from mistaking > the private network's box as a router but the box would no longer act as > a router for the local network. I may be misunderstanding something. No, I was clearly wise to have included "assuming I understand the question correctly" in my original message. I didn't. You're right; the machines on the outside net wouldn't access that machine unless they were told about it somehow, and there are a limited number of ways that can happen. One is routing protocols (although that would only affect other machines also running the same protocols, which would probably be other routers). Aside from that, manual configuration is the only way anyone outside could decide to send packets to your router for further forwarding. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message