also sprach Gareth Bowker [EMAIL PROTECTED] [2002.02.07.1017 +0100]:
If you're worried about missing stuff out, you could start with a firewall
that defaults everything to DROP and go from there...
good point. any-any-any-DROP is what i call the base firewall. there
is *no* argument for a
On 7 Feb 2002 04:17 AM, Gareth Bowker wrote:
You might also want to look at the 'ferm' package. [...]
To save bandwidth, I'll just thank everyone via this one message who
responded with suggestions on the list. I'm taking a look at all of
these options (including writing it myself) and they
I'm trying to figure out some things about using MASQUERADE instead of
SNAT. I have made some assumptions below, please correct me if I'm
wrong.
1) What is the benefit of doing it this way -- not having to specify the
external IP? If so, I guess it gets the IP from inside the kernel, like
you
3 matches
Mail list logo