[techtalk] Netstat weirdness

Malcolm Tredinnick malcolm at commsecure.com.au
Thu Aug 17 23:58:23 EST 2000


On Thu, Aug 17, 2000 at 12:54:55PM +0100, Conor Daly wrote:
> On Thu, Aug 17, 2000 at 08:41:00PM +1000 or so it is rumoured hereabouts,
>  Malcolm Tredinnick thought...
> > 
> > On other distributions, there may be a similar method, but the general
> > solution is just to do:
> > 
> > 	echo 1 > /proc/sys/net/ipv4/ip_forward
> 
> The "echo 1 > ... " line is indeed in use on the gateway in the
> firewall script, not sure if it is there on the server (both running
> RH6.2).  I seem to remember (when using linuxconf) checking the "allow
> packet forwarding" on the server but doing it in the config files
> always seems to be the better route.  
> 
> I have found at times that, after modifying a config file with vi,
> linuxconf doesn't seem to read back the config from the same file(s).
> Does it keep a database of settings elsewhere or something?

No. Linuxconf tries to parse the various configuration files to work out
what the current settings are. In general, I think it is safer to use
linuxconf all the time, just to keep everything sane.

In this case, though, linuxconf (on RH6.2) will change the
/etc/sysctl.conf file. If you do the same thing, I would recommend
altering the comment before the line that sets up ip_forwarding (it is a
particularly *stupid* comment, imho, since it says what the default
setting does and if you change that setting without altering the
comment, you are left wondering whether 1 means "enabled" or
"disabled").

Cheers,
Malcolm

-- 
Malcolm Tredinnick            email: malcolm at commsecure.com.au
CommSecure Pty Ltd
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://linuxchix.org/pipermail/techtalk/attachments/20000817/f83a89c3/attachment.pgp


More information about the Techtalk mailing list