>Why do you DROP in the nat table instead of the filter table ?
>
>
>Antony.
Good Question ...
1. im very Young and i luv nat and seeing what it can do.. :-D , would also
eventually like to gain work in Internet Sercurity / Iptbales / Zebra /
Bridged / Gated / iproute2 / ipchains (yay) / TC TBF , CBQ , ect ect .
.2 actually i have every single one Policy's set to DROP for all of the
filter & nat chains.. :-D
is there something wrong with that, ? Yer but you have to check the logs
alot from the Drop & Log end of chain
per chain Rules i have (they all have a different prefix applies ie "Nat
Ouput")
so you can add more rules ... {:?/]
P.s. and about the MIRROR converstation
i need to set a way so all data on a Given Proto / IP gets MIRRORed but some
how Dnat it
so it goes to a Honney Pot for Logging and decide to take Action or not ..
:-D
(this is nearlly all working except the fact that the Packet / Traffic
accounting is not being properly matched ?? )
