1 |
Dan Farrell schrieb: |
2 |
> On Mon, 10 Sep 2007 22:48:20 +0200 |
3 |
> Hans-Werner Hilse <hilse@×××.de> wrote: |
4 |
> |
5 |
>> is on what computer? On the "server" (I guess it's the router) the |
6 |
>> last line would effectively prevent routing for the client (but I |
7 |
>> don't know why ICMP works...). I would suggest starting without it |
8 |
>> and then setting up proper rules -- and then setting the chain's |
9 |
>> policy to DROP (plus some REJECT rules for proper answers). |
10 |
> |
11 |
> I agree, I thought your firewall rules were a little wacky too. These |
12 |
> rules only route to one host. generally you'd want to route to a whole |
13 |
> network, not just one host. |
14 |
> |
15 |
>> (but I don't know why ICMP works...). |
16 |
> |
17 |
|
18 |
Well, as I've written, they aren't "my" rules. I just copied and pasted |
19 |
them. |
20 |
|
21 |
I know just as much about iptables as I know about cars. I know the |
22 |
theory, I've seen the building process from like 10 meters distance and |
23 |
I use finished product. |
24 |
|
25 |
I'd really appreciate if you could post the correct settings or config |
26 |
file(s). |
27 |
-- |
28 |
gentoo-user@g.o mailing list |