tom@fangorn.gsfc.nasa.gov (Thomas D. Schardt) (02/08/90)
Our network management wants all UNIX workstations that are not
performing routing functions (99.9% of the machines on base) to
turn off ipforwarding. Unforunately, SGI sets ipforwarding as
the default. I have read "Kernal Configuration" in the Irix 3.2
System Administrator's Guide, and I have determined that the
following procedure should rebuild the kernal with ipforwarding
off:
% su
# cd /usr/sysgen/master.d
# cp bsd bsd.old
# vi bsd
change
int ipforwarding = 1;
to
int ipforwarding = 0;
ZZ
# cd /usr/sysgen/boot
# cp bsd.a bsd.a.old
# lboot -u /unix.install
# cd /
# cp unix unix.orig
# sync
# sync
# reboot
When /etc/rc2.d/S95autoconfig is run and the following prompt appears,
answer 'y':
Automatically reconfigure the operating system?
Is this the correct procedure? Also is there any way of determining if
the ipforwarding flag is off in a given kernal file?
Tom Schardt Bitnet: K4TDS at SCFVM
NASA/Goddard Space Flight Center Internet: K4TDS@SCFVM.GSFC.NASA.GOV
Code 632 Opinions expressed are my own and do not
Greenbelt, MD 20771 necessarily reflect the opinions of my employerbrendan@illyria.wpd.sgi.com (Brendan Eich) (02/08/90)
In article <818@dftsrv.gsfc.nasa.gov>, tom@fangorn.gsfc.nasa.gov (Thomas D. Schardt) writes: > [procedure used to turn off ipforwarding] > # cd /usr/sysgen/boot > # cp bsd.a bsd.a.old I don't see any point in making a backup copy of bsd.a. Lboot doesn't touch it, it merely calls ld to link from it. > # lboot -u /unix.install > # cd / > # cp unix unix.orig You can do the lboot after making the backup copy of /unix by invoking /etc/init.d/autoconfig This is probably "safer" and likelier to work in the future. If you had rebooted without running lboot, this script would have been run via its /etc/rc2.d/S95autoconfig link (ain't System V.3 aesthetic?), and lboot would have noticed the new-ness of the /usr/sysgen/master.d/bsd file and reconfigured a kernel. > # sync > # sync > # reboot Sync before reboot is a superstition on modern Unixes. The reboot system call code does an extremely effective internal sync (and if it doesn't, it is broken and we want to know!). > When /etc/rc2.d/S95autoconfig is run and the following prompt appears, > answer 'y': > > Automatically reconfigure the operating system? > > Is this the correct procedure? Also is there any way of determining if > the ipforwarding flag is off in a given kernal file? Try 'dbx -k /unix /dev/kmem' and then 'p ipforwarding' to dbx. Brendan Eich Silicon Graphics, Inc. brendan@sgi.com
tom@fangorn.gsfc.nasa.gov (Thomas D. Schardt) (02/08/90)
Sorry folks...Andrew Cherenson of SGI pointed out that ipforwarding is only used if more than one Ethernet controller is online. I know, "Read the comments more closely that's what we put them there for." Thanks for the quick reply Andrew. Tom Schardt Bitnet: K4TDS at SCFVM NASA/Goddard Space Flight Center Internet: K4TDS@SCFVM.GSFC.NASA.GOV Code 632 Opinions expressed are my own and do not Greenbelt, MD 20771 necessarily reflect the opinions of my employer