On Thu, Jan 31, 2002 at 12:46:59PM -0800, Cory Petkovsek wrote:
>
> Most likely, your IP stack will be looking for the response on the dsl
> line, since that is where it left. So in effect your firewall will be
> pinging google, google will be responding to the left ear(nic), but your
> firewall will be listening to its right ear, meanwhile wondering what
> this junk data is on its left ear.

Wouldn't that completely break this rule?

> iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

How would netfilter know that packets coming in on eth1 are related to
what was sent out on eth0? Wouldn't you also need some kind of state
translation/creation, or no filtering whatsoever on eth1?

--
<[EMAIL PROTECTED]>
