RE: re nat masquerade router

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Di, den 15.06.2004 schrieb Michael Floyd um 21:16:

> your very welcome but looking over you iptable that you posted, your missing
> one very critical piece to the puzzle....
> You have to add a line....
> Iptables -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j
> ACCEPT
> With out this, no packets will be accepted back to the machine.
> Remember, the request for the web site must be able to come back through the
> router
> Michael Floyd

Hm? He has already the RH-Firewall-1-INPUT chain wide open! His first
rule inside this chain is

ACCEPT     all  --  anywhere             anywhere

So the rest of what is in there is bypassed by that. And your suggested
rule is just necessary in a different setup or at a later time, when all
runs, as an exchange to the global "accept all incoming traffic" rule.

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) on Athlon CPU kernel 2.6.6-1.435 
Serendipity 21:27:54 up 17:54, 8 users, 0.16, 0.24, 0.22 

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux