On 6/18/05, Jan Engelhardt <[email protected]> wrote:
> >I have just tried upgrading my firewall to 2.6.12, but neither of the following rules in my
> >FORWARD table was allowing return traffic:
>
> You forget about INPUT and OUTPUT. If you drop everything in INPUT, there's
> nothing to FORWARD.
No. INPUT/OUTPUT rules have nothing to do with FORWARDed traffic,
since a packet is either locally destined (INPUT), locally originated
(OUTPUT) or being forwarded (FORWARD).
> > 1109 814K ACCEPT all -- ppp0 br0 anywhere anywhere ctstate
> >RELATED,ESTABLISHED
> > 11M 13G ACCEPT all -- ppp0 br0 anywhere anywhere state
> >RELATED,ESTABLISHED
> >
> >I have currently returned to using 2.6.11.11, where the identical configuration works fine. br0 is
> >a bridge device containing two e100 devices, and ppp0 is my PPPoE DSL link. I am using iptables
> >1.3.1.
Did you have /proc/sys/net/ipv4/ip_forward turned on?
--
[ Tobias DiPasquale ]
0x636f6465736c696e67657240676d61696c2e636f6d
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
