Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Newbie question - IP routing through a firewall

From: Kjell Wooding <kwooding () codetalker com>
Date: Mon, 01 Jun 1998 09:21:15 -0600


I've read you shouldn't have IP Routing enabled in the firewall, that's


That's dependant on the type of firewall, packet-level (yep) or application
level (nope).


Hm? Seems to me you should have IP forwarding DISabled, and the firewall
should be responsible for forwarding all traffic (Even in a packet
filtering environment). If the kernel can forward packets across
interfaces, you're asking for trouble. (Firewall gets disabled or
otherwise, OS happily forwards ALL packets. Not the situation you want to see)

-kj
--
Kjell Wooding <kwooding () codetalker com>
Codetalker Communications, Inc.

http://www.codetalker.com/
Previous By Date Next
Previous By Thread Next

Current thread: