Focus on Linux
Back to list
Oct 07 2005 06:23AM
Sven-Åke Larsson (Sven-Ake Larsson hiq se)
Oct 07 2005 07:47PM
Phil Dyer (phil dyermaker org)
-----BEGIN PGP SIGNED MESSAGE-----
Sven-Åke Larsson said:
> Even though this is a great solution with a lot of options there was a post
> from George Njoku with two different forward rules. Shouldn't it work? At
> least it's simple.
No, pretty sure it won't. George posted FORWARD rules. FORWARD does not
determine routing interfaces. Routing determines FORWARD interfaces.
You would still set the ACCEPT rules on the established traffic as
George demonstrates, but you can't do it just with the FORWARD chains.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32)
Comment: Public Key: http://www.dyermaker.org/gpgkey
-----END PGP SIGNATURE-----
[ reply ]
Copyright 2010, SecurityFocus