Subject: Re: kern/2121: Default setting of ip.forwarding is not good
To: Neil J. McRae <neil@domino.org>
From: Perry E. Metzger <perry@piermont.com>
List: netbsd-bugs
Date: 02/28/1996 18:57:03
"Neil J. McRae" writes:
> On Sat, 24 Feb 1996 14:10:41 -0500 
>  "Perry E. Metzger" <perry@piermont.com> wrote:
> > Indeed, I actually think its a significant bug that there is no way to
> > compile the kernel with support for forwarding of source routed
> > packets off, which is a significant security hole, too...
>
> I disagree, this should be the default,

Certainly it should be the DEFAULT. I just think there should be an
option to turn it off, for firewalls and the like

> although I agree there should be away to switch it off, maybe a
> sysctl if possible...

Perry