[EMAIL PROTECTED] wrote:
>
> On Mon, 5 Mar 2001, Andrei Pelinescu - Onciul wrote:
>
> > > si iptables -t filter -A INPUT -d xxx.xxx.xxx.xxx -j ACCEPT
> > ^^^^^ trebuie tot FORWARD (INPUT e numai
> > pentru ce vine pentru hostul local).
> ^^^^^^^^^^^^ io nu te cred ... tu te crezi ?
???
iptables:
IN (NIC) -> NF_IP_PREROUTING -> ROUTE -> NF_IP_FORWARD -> ...
|
NF_IP_LOCAL_IN
|
procese locale
Adica daca pui regula aia pe INPUT cu -d xxx o sa prinda ceva numai daca
xxx == una din adresele hostului local (ala care face filtrarea).
Pentru pachete forwardate hookurile iptables parcurse sunt: PREROUTING,
FORWARD, POSTROUTING.
Pentru pachete cu destinatie locala: PREROUTING, LOCAL_IN (INPUT).
Pentru pachete generate local cu destinatie afara: LOCAL_OUT,
POSTROUTING.
E diferit de ipchains unde pachetele treceau tot timpul prin INPUT chiar
daca trebuiau forwardate.
Andrei
---
Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
unsubscribe from this list.
- [rlug] Re: iptables vs ipchains Paul Dorneanu [root]
- [rlug] Re: iptables vs ipchains Tarhon-Onu Victor
- [rlug] Re: iptables vs ipchains Paul Dorneanu [root]
- [rlug] Re: iptables vs ipchains 092.853.212
- [rlug] Re: iptables vs ipchains Catalin Braica
- [rlug] Re: iptables vs ipchains Andrei Pelinescu - Onciul
- [rlug] Re: iptables vs ipchains ionut.spirlea
- [rlug] Re: iptables vs ipchains Catalin Braica
- [rlug] Re: iptables vs ipchains ionut.spirlea
- [rlug] Re: iptables vs ipchains Tarhon-Onu Victor
- [rlug] Re: iptables vs ipchains Andrei Pelinescu - Onciul
- [rlug] Re: iptables vs ipchains ionut.spirlea
- [rlug] Re: iptables vs ipchains Florin Andrei
- [rlug] procmail A.Berdan
- [rlug] Re: procmail Camelia Nastase
- [rlug] Re: procmail A.Berdan
- [rlug] Re: procmail teo
- [rlug] Re: procmail A.Berdan
- [rlug] Re: procmail teo
- [rlug] Re: procmail Dragos Boca
- [rlug] Re: iptables vs ipchains marian
