On Wed, 2001-11-14 at 23:08, lonely wolf wrote: > > "George B." wrote: > > > cum pot sa tai cu iptables tot ce inseamna ping/traceroute dintr-o > > retea interna cu masq spre internet? > > poti taia fie in FORWARD (-A FORWARD -s localnet -p icmp -j DROP) fie in > POSTROUTING (-A POSTROUTING -t nat -s localnet -p icmp -j REJECT > --with-type....)
Cred ca "elegant" este in FORWARD, din cauza ca acolo stau chestiile care tin de filtrare. POSTROUTING e mai mult pentru NAT, etc. Nu ca n-ar merge, totusi... -- Florin Andrei "Our falsehoods are not so much a fundamental error as a resistance against a higher order." - Satprem --- Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to unsubscribe from this list.
