specify in-coming interface but appear from anywhere (rh7.2)
Hi,

I have this configuration:

Redhat 7.2 with iptables 1.2.4 (rh rpm)
eth0: internet - 202.188.x.x
eth1: DMZ - 192.168.100.1
eth2: Internal network - 192.168.1.1

I want to set a rule that accepts forwarding coming out from eth2 to eth1 (dmz).

/sbin/iptables -A FORWARD -i eth2 -o eth1 -j ACCEPT

But when I do iptables -L, the rules show that it is from Source: Anywhere to Destination: Anywhere.

I tested with other INPUT rules, and the result is still the same - anywhere to anywhere.

So is it supposed to be like this? Or is this a Redhat 7.2 problem?

Please guide.

Thanks
Re: specify in-coming interface but appear from anywhere (rh7.2)
--- langzi [EMAIL PROTECTED] wrote:
> Hi,
>
> I have this configuration:
>
> Redhat 7.2 with iptables 1.2.4 (rh rpm)
> eth0: internet - 202.188.x.x
> eth1: DMZ - 192.168.100.1
> eth2: Internal network - 192.168.1.1
>
> I want to set a rule that accepts forwarding coming out from eth2 to eth1 (dmz).
>
> /sbin/iptables -A FORWARD -i eth2 -o eth1 -j ACCEPT
>
> But when I do iptables -L, the rules show that it is from
> Source: Anywhere to Destination: Anywhere.

This is from any source IP address to any destination IP address.

> I tested with other INPUT rules, and the result is still the same -
> anywhere to anywhere.
>
> So is it supposed to be like this? Or is this a Redhat 7.2 problem?

It's supposed to be like this, and this is correct.

> Please guide.
>
> Thanks
Re: specify in-coming interface but appear from anywhere (rh7.2)
On Tuesday 28 May 2002 7:49 am, langzi wrote:
> Hi,
>
> I want to set the rule that accept forwarding from eth2 to eth1 (dmz).
>
> /sbin/iptables -A FORWARD -i eth2 -o eth1 -j ACCEPT
>
> But, when I do iptables -L, The rules show that it is from
> Source: Anywhere to Destination: Anywhere

This is correct - the Anywhere means IP addresses. Since you did not specify any source or destination addresses with -s or -d, you really are allowing packets from any address to any address.

If you want to see the interfaces which your rules will allow, then use:

iptables -L -v

Antony.
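
An added example, not part of the original thread: a small audit helper that reads `iptables -L -v -n` output and separates rules that are limited only by interface (the case discussed above, which plain `iptables -L` shows as anywhere to anywhere) from rules that are open on every axis. The listing is constructed sample output, the DMZ host 192.168.100.10 is an assumed address, and the function names and verdict labels are hypothetical.

```shell
#!/bin/sh
# Added example. The listing below is constructed sample output of
# `iptables -L FORWARD -v -n`; it was not captured from the poster's machine.
sample_listing() {
cat <<'EOF'
Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  eth2   eth1    0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0          state RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  eth0   eth1    0.0.0.0/0            192.168.100.10     tcp dpt:80
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0
EOF
}

# classify_rules: read `iptables -L -v` (with or without -n) on stdin and
# print one line per rule, ending in a verdict:
#   ADDR-LIMITED   source or destination address is restricted (-s / -d)
#   IFACE-ONLY     any address, but restricted by -i / -o (hidden by plain -L)
#   MATCH-LIMITED  any address and interface, but a protocol or extra match applies
#   OPEN           any address, any interface, any protocol
# Columns: pkts bytes target prot opt in out source destination [matches...]
# Assumes every rule has a target; a rule without -j shifts the columns.
classify_rules() {
    awk '
    $1 == "Chain" { chain = $2; next }
    $1 == "pkts" || NF < 9 { next }      # column header and blank lines
    {
        # Without -n the wildcards print as "any" and "anywhere".
        any_if   = ($6 == "*" || $6 == "any") && ($7 == "*" || $7 == "any")
        any_addr = ($8 == "0.0.0.0/0" || $8 == "anywhere") &&
                   ($9 == "0.0.0.0/0" || $9 == "anywhere")
        if (!any_addr)                  verdict = "ADDR-LIMITED"
        else if (!any_if)               verdict = "IFACE-ONLY"
        else if ($4 != "all" || NF > 9) verdict = "MATCH-LIMITED"
        else                            verdict = "OPEN"
        printf "%s %s in=%s out=%s src=%s dst=%s %s\n",
               chain, $3, $6, $7, $8, $9, verdict
    }'
}

# On a live firewall: iptables -L -v -n | classify_rules
sample_listing | classify_rules
```

Only the last sample rule is reported as OPEN; the eth2 to eth1 rule from the question is reported as IFACE-ONLY.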