SUMMARY: ip forwarding

From: Ed Baxter (
Date: Thu Dec 22 1994 - 15:17:46 CST

my original question was:

>I have a machine on the network that was once used as a firewall and
>mailhost. We now have a firewall router that I want to use instead. I
>believe the sun box has had "ip forwarding" turned off and I need to
>know what is involved in turning it back "on".

The following was sent by Nate Itkin, and covers all the answers I recieved.

----- Begin Included Message -----

 for SunOS 4.1.3 :
  67) How do I disable/enable packet forwarding?
          Under 4.1 and above(does not include SunOS 5.x),
          you can do this by using one of the following methods:
          adb -k -w /vmunix /dev/mem
          _ip_forwarding: 0 = unimp 0x0
          ip_forwarding/w -1 <- changes in running kernel only!
          ip_forwarding?w -1 <- changes running kernel and disk image
          In your kernel configuration file (... /sys/netinet/in_proto.c),
          insert the following line:
          options "IPFORWARDING=-1"
          Note: The above example disables packet forwarding.
          Here is a list of IP forwarding options
          (from /usr/kvm/sys/netinet/in_proto.c)
                  ip_forwarding = -1 -- never forward; never change this value.
                  ip_forwarding = 0 -- don't forward; set this value to 1
                                         when two interfaces are up.
                  ip_forwarding = 1 -- always forward.
          options IPFORWARDING="-1"
  You could do it before the ifconfig commands in /etc/rc.boot with e.g.
  echo "ip_forwarding/W 0" | adb -k -w /vmunix /dev/mem
  In Solaris 2 systems set it with 'ndd -set /dev/ip ip_forwarding -1'.
  Make sure routed does not advertise routes, either do not run routed or
  run 'in.routed -q' for quiet mode - no broadcasts are sent.
----- End Included Message -----

thanks to :

        Nate Itkin <> (Greg Roberts)
        Markly Dykeman <> (Sun Managers at Telecom)
        John Valdes <> (Perry Hutchison)
        John Elliot <>
        david@srv.PacBell.COM (David St. Pierre)
        Andy Kumeda <>
        grevemes@VTC.TACOM.Army.Mil (Steven Grevemeyer)
        Keizo Fujii <>

Ed Baxter
Praegitzer Design

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:09:17 CDT