netbsd-help: Is net.inet.ip.forwarding=1 required for a (non-NAT) firewall?

Subject: Is net.inet.ip.forwarding=1 required for a (non-NAT) firewall?
To: None <netbsd-help@netbsd.org>
From: =?iso-8859-1?q?Gr=E9goire=20Sutre?= <sutre@labri.fr>
List: netbsd-help
Date: 11/03/2003 19:29:30

Hi,

I'm afraid this is a stupid question, but I could not find the answer for=
 it=20
in NetBSD's documentation nor in IP Filter's howto :-/

I'm running IP Filter on a NetBSD 1.6.1 workstation, but I'm not using IP=
 Nat=20
(my /etc/rc.conf script says ipfilter=3DYES and ipnat=3DNO).

Do I need to enable IP forwarding with sysctl -w net.inet.ip.forwarding=3D=
1 or=20
can I leave IP forwarding disabled?

I guess I can leave it disabled, but I'm not sure...

Thanks for your help,

Gregoire.