unsubscribe

2004-10-21 Thread patrickleung

Re: iptables-save/restore with dynamic IP

2004-10-21 Thread Martin G.H. Minkler
martin f krafft wrote: also sprach Martin G.H. Minkler [EMAIL PROTECTED] [2004.10.20.1420 +0200]: ('cat file iptables-restore' will restore that table accordingly) another useless use of cat iptables-restore file Sorry, beginners idiocy, copying stuff from a tutorial he read. Unfortunately I am

Re: iptables-save/restore with dynamic IP

2004-10-21 Thread martin f krafft
also sprach Martin G.H. Minkler [EMAIL PROTECTED] [2004.10.21.1345 +0200]: iptables-restore file Sorry, beginners idiocy, copying stuff from a tutorial he read. No reason to be sorry. It took me a while to learn this too... Although it is hardly imaginable that someone tm manages to spoof

Re: iptables-save/restore with dynamic IP

2004-10-21 Thread Martin G.H. Minkler
martin f krafft wrote: also sprach Martin G.H. Minkler [EMAIL PROTECTED] [2004.10.21.1345 +0200]: Although it is hardly imaginable that someone tm manages to spoof the interface match, I wanted my rules as tight as possible thus using interface _and_ DynIP ('$IPTABLES -A INPUT -p tcp -d $IP_INET

Re: iptables-save/restore with dynamic IP

2004-10-21 Thread martin f krafft
also sprach Martin G.H. Minkler [EMAIL PROTECTED] [2004.10.21.1532 +0200]: The basic idea was to double-latch things, if one criterium could be spoofed the other would still hold. Uh, ANY always holds, so it does not matter if you leave out the destination address. FWIW, destination IPs

Re: iptables-save/restore with dynamic IP

2004-10-21 Thread simon
On Thu, Oct 21, 2004 at 03:41:30PM +0200, martin f krafft wrote: also sprach Martin G.H. Minkler [EMAIL PROTECTED] [2004.10.21.1532 +0200]: setups in which a LAN and a gateway with just one NIC were sharing a What's a gateway with just one NIC? The only time I've seen this done has been

Re: iptables-save/restore with dynamic IP

2004-10-21 Thread martin f krafft
also sprach [EMAIL PROTECTED] [EMAIL PROTECTED] [2004.10.21.1549 +0200]: The only time I've seen this done has been with PPPoE; the gateway talked PPPoE with the remote end, and communicated with the LAN via the same NIC. Not that secure, but got the network running. Sounds horrible. --

Re: iptables-save/restore with dynamic IP

2004-10-21 Thread Volker Tanger
Greetings! On Thu, 21 Oct 2004 16:15:49 +0200 martin f krafft [EMAIL PROTECTED] wrote: also sprach [EMAIL PROTECTED] [EMAIL PROTECTED] [2004.10.21.1549 +0200]: The only time I've seen this done has been with PPPoE; the gateway talked PPPoE with the remote end, and communicated with the LAN

Re: iptables-save/restore with dynamic IP

2004-10-21 Thread Martin G.H. Minkler
martin f krafft wrote: Uh, ANY always holds, so it does not matter if you leave out the destination address. FWIW, destination IPs *cannot* be spoofed. Also, I am not sure you understand iptables correctly. If you specify two criteria in a rule, then they both have to hold. If you want to

Re: iptables-save/restore with dynamic IP

2004-10-21 Thread SLeiBt
Le jeu 21/10/2004 à 15:41, martin f krafft a écrit : setups in which a LAN and a gateway with just one NIC were sharing a What's a gateway with just one NIC? Actually, one can build a very good firewall with only one physical NIC. Well OK I admit you also need a manageable switch, which is