Newbie question - IP routing through a firewall

Kjell Wooding kwooding@codetalker.com
Mon, 01 Jun 1998 09:21:15 -0600


>>I've read you shouldn't have IP Routing enabled in the firewall, that's
>
>That's dependant on the type of firewall, packet-level (yep) or application
>level (nope).

Hm? Seems to me you should have IP forwarding DISabled, and the firewall
should be responsible for forwarding all traffic (Even in a packet
filtering environment). If the kernel can forward packets across
interfaces, you're asking for trouble. (Firewall gets disabled or
otherwise, OS happily forwards ALL packets. Not the situation you want to see)

-kj
--
Kjell Wooding <kwooding@codetalker.com>
Codetalker Communications, Inc.

http://www.codetalker.com/