[ale] Off the wall question about IP_Forward.

Thu Feb 10 19:12:36 EST 2005

On Thu, 2005-02-10 at 17:33 -0500, John Cole wrote:
> Howdy!
> 
> Well, the other problem is that I have 2 nics on the same system that I can
> NOT have ip_forward turned on.  Is it still possible to do any forwarding
> via iptables/etc but without ip_forward?
iptables -I FORWARD -i eth2 -j DROP
iptables -I FORWARD -d eth2 -j DROP

if the interface not allowed to be forwarded is eth2

This should stop all forwarding to and from that interface.

ip_forward must be set to "1" to allow any packet transfer between
interfaces on seperate networks.
> 
> Thanks,
> John
> 
> -----Original Message-----
> From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Philip
> Polstra
> Sent: Thursday, February 10, 2005 5:03 PM
> To: Atlanta Linux Enthusiasts
> Subject: Re: [ale] Off the wall question about IP_Forward.
> 
> I think that what you would want to do is to set up 2 NIC's to forward using
> iptables.  You could drop packets that people try and forward across the
> others.
> 
> On Thu, 10 Feb 2005 13:18:58 -0500, John Cole <jcole at filink.com> wrote:
> > Howdy all!
> > 
> > I'm just curious, is IP_FORWARD a global setting or might it be 
> > possible to enable IP_FORWARD on only 2 nics on a system that has 
> > several?
> > 
> > Just wondering and haven't been able to find anything yet about this.
> > 
> > Thanks,
> > John Cole, TICSA
> > FiLink
> > 770-420-1546 x102
> > 1-866-534-5465
> > jcole at filink.com
> 
> 
> This email and any files transmitted with it are solely intended for the use of the
> addressee(s) and may contain information that is confidential and privileged. If 
> you receive this email in error, please advise us by return email immediately. 
> Please also disregard the contents of the email, delete it and destroy any copies 
> immediately. 
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
-- 
James P. Kinney III          \Changing the mobile computing world/
CEO & Director of Engineering \          one Linux user         /
Local Net Solutions,LLC        \           at a time.          /
770-493-8244                    \.___________________________./
http://www.localnetsolutions.com

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part