On Tue, 20 Jan 2009, Jorge Bras wrote:
in iptables config, why not, change the default forward policy to drop ?
by default ip forwarding is off, but I think is a good practice deny
everything by default, just in case.
I could be wrong on this but:
net.ipv4.ip_forward = 0
listed in 1.2 should cover that. I'm not sure how its all designed to
work. I just know how it seems to work.
Its probably not a bad idea to set it in both places though.