[rescue] Putting an insecure machine on a network
Sheldon T. Hall
shel at tandem.artell.net
Tue Mar 21 15:57:21 CST 2006
Mike F writes ...
>
> You'll want to do `ndd -set /dev/tcp ip_forwarding 1` to set
> forwarding between the 2 interfaces (and maybe put it in an
> init script to persist between reboots.)
Ah, right. I thought I had to touch some file. I wonder what I was thinking
about.
I assume I'll also need an ifconfig or two to bring up the hme0 interface,
etc.
> Then you'll have to write your ipf.conf. This should be easy
> because your needs are pretty simple :-)
No prob there. I run ipfilter on my main server, generating the ipf.conf file
with a script, etc.
> I've been looking at iptables a little lately, and I can tell
> you ipfilter and pf are an absolute joy compared to iptables.
I have found using ipfilter on my main IRIX server quite easy, but it came
already packaged. In any case, I have a more complete development environment
on the IRIX box; this Sun thing is pretty stripped-down.
Thanks a ton.
-Shel
More information about the rescue
mailing list