> >You can reach a machine on the 192.168.1.0 network you're saying?  Sounds
> >like the router is incorrectly configured, unless it's done intentionally.
> >These addresses are never supposed to be routed.
> >
> 
> That's not quite correct. It is perfectly valid to route these networks. It is
> invalid to broadcast routes for them on a public network.

I guess I cut too much from his original post -- his other interface is
valid IP addresses..  [RFC1597]

> >Re-enable IP forwarding and use ipfwadm to restrict access.  You're
> >basically building a firewall at this point.  Do you simply want to
> >prevent telnet access to the network, or secure the 192.168. network and
> >the data behind it?
> >
> 
> This misses the point. With IP forwarding turned off he isn't routing packets.
> The issue is that his machine is currently spending resources rejecting packets
> bound for the private network. Turning IP forwarding on and setting up packet
> filtering would be redundant.

I thought he wanted to go the other way as well..  Meaning going from the
192 to the valid network, where forwarding would be necessary.

> The real question is why can other machines see the network. I would
> talk to the local network admin and find out why the router has routes
> for this network to you. 

The plot thickens.  After talking to him further in private mail, I found
out he has IP forwarding disabled, yet people on the valid network can
reach the 192 network.

Dave


-- 
  PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
         To unsubscribe: mail [EMAIL PROTECTED] with 
                       "unsubscribe" as the Subject.
