| 1 |
Dan Farrell schrieb: |
| 2 |
> On Mon, 10 Sep 2007 22:48:20 +0200 |
| 3 |
> Hans-Werner Hilse <hilse@×××.de> wrote: |
| 4 |
> |
| 5 |
>> is on what computer? On the "server" (I guess it's the router) the |
| 6 |
>> last line would effectively prevent routing for the client (but I |
| 7 |
>> don't know why ICMP works...). I would suggest starting without it |
| 8 |
>> and then setting up proper rules -- and then setting the chain's |
| 9 |
>> policy to DROP (plus some REJECT rules for proper answers). |
| 10 |
> |
| 11 |
> I agree, I thought your firewall rules were a little wacky too. These |
| 12 |
> rules only route to one host. generally you'd want to route to a whole |
| 13 |
> network, not just one host. |
| 14 |
> |
| 15 |
>> (but I don't know why ICMP works...). |
| 16 |
> |
| 17 |
|
| 18 |
Well, as I've written, they aren't "my" rules. I just copied and pasted |
| 19 |
them. |
| 20 |
|
| 21 |
I know just as much about iptables as I know about cars. I know the |
| 22 |
theory, I've seen the building process from like 10 meters distance and |
| 23 |
I use finished product. |
| 24 |
|
| 25 |
I'd really appreciate if you could post the correct settings or config |
| 26 |
file(s). |
| 27 |
-- |
| 28 |
gentoo-user@g.o mailing list |
Archives