martin f krafft wrote:
also sprach Martin G.H. Minkler [EMAIL PROTECTED] [2004.10.20.1420 +0200]:
('cat file iptables-restore' will restore that table
accordingly)
another useless use of cat
iptables-restore file
Sorry, beginners idiocy, copying stuff from a tutorial he read.
Unfortunately I am
also sprach Martin G.H. Minkler [EMAIL PROTECTED] [2004.10.21.1345 +0200]:
iptables-restore file
Sorry, beginners idiocy, copying stuff from a tutorial he read.
No reason to be sorry. It took me a while to learn this too...
Although it is hardly imaginable that someone tm manages to
spoof
martin f krafft wrote:
also sprach Martin G.H. Minkler [EMAIL PROTECTED] [2004.10.21.1345 +0200]:
Although it is hardly imaginable that someone tm manages to
spoof the interface match, I wanted my rules as tight as possible
thus using interface _and_ DynIP ('$IPTABLES -A INPUT -p tcp -d
$IP_INET
also sprach Martin G.H. Minkler [EMAIL PROTECTED] [2004.10.21.1532 +0200]:
The basic idea was to double-latch things, if one criterium could
be spoofed the other would still hold.
Uh, ANY always holds, so it does not matter if you leave out the
destination address. FWIW, destination IPs
On Thu, Oct 21, 2004 at 03:41:30PM +0200, martin f krafft wrote:
also sprach Martin G.H. Minkler [EMAIL PROTECTED] [2004.10.21.1532 +0200]:
setups in which a LAN and a gateway with just one NIC were sharing a
What's a gateway with just one NIC?
The only time I've seen this done has been
also sprach [EMAIL PROTECTED] [EMAIL PROTECTED] [2004.10.21.1549 +0200]:
The only time I've seen this done has been with PPPoE; the gateway
talked PPPoE with the remote end, and communicated with the LAN
via the same NIC. Not that secure, but got the network running.
Sounds horrible.
--
Greetings!
On Thu, 21 Oct 2004 16:15:49 +0200 martin f krafft [EMAIL PROTECTED]
wrote:
also sprach [EMAIL PROTECTED] [EMAIL PROTECTED] [2004.10.21.1549
+0200]: The only time I've seen this done has been with PPPoE; the
gateway talked PPPoE with the remote end, and communicated with the
LAN
martin f krafft wrote:
Uh, ANY always holds, so it does not matter if you leave out the
destination address. FWIW, destination IPs *cannot* be spoofed.
Also, I am not sure you understand iptables correctly. If you
specify two criteria in a rule, then they both have to hold. If you
want to
Le jeu 21/10/2004 à 15:41, martin f krafft a écrit :
setups in which a LAN and a gateway with just one NIC were sharing a
What's a gateway with just one NIC?
Actually, one can build a very good firewall with only one physical NIC.
Well OK I admit you also need a manageable switch, which is
10 matches
Mail list logo