in ipchains howto este :
----------------------------------------------------------------
| ACCEPT/ lo interface
|
v REDIRECT _______
|
--> C --> S --> ______ --> D --> ~~~~~~~~ -->|forward|----> _______
-->
h a |input | e {Routing } |Chain | |output
|ACCEPT
e n |Chain | m {Decision} |_______| --->|Chain |
c i |______| a ~~~~~~~~ | | ->|_______|
k t | s | | | | |
s y | q | v | | |
u | v e v DENY/ | | v
m | DENY/ r Local Process REJECT | | DENY/
| v REJECT a | | | REJECT
| DENY d --------------------- |
v e -----------------------------
DENY
deci am un ruter linux, care nu are nimic rulat pe el: un netstat -a
afiseaza numai icmp si tcp, si se doreste activarea unui firewall pe el.
Va ca aici cand s-a discutat de ipchains s-a optat pentru varianta
reguli pe in si out, iar pe forward -P ACCEPT.
Si de ce nu in si out -P ACCEPT si regulile pe forward???
C
---
Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
unsubscribe from this list.
