Re: Iptables forwarding - Patrick Schaaf

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Patrick Schaaf <bof@bof.de>
To: Loc Huynh <loc.huynh@oz.quest.com>
Cc: netfilter@lists.samba.org
Subject: Re: Iptables forwarding
Date: Wed, 26 Jun 2002 10:07:08 +0200	[thread overview]
Message-ID: <20020626100708.A729@oknodo.bof.de> (raw)
In-Reply-To: <1C61B9073EBFBD40B45FA90B8265B2DD1BDF@MELXCHW01.oz.quest.com>; from loc.huynh@oz.quest.com on Wed, Jun 26, 2002 at 05:41:37PM +1000

Hi,

> The above worked fine if I have the "FORWARD" to be open to ACCEPT
> ie: $IPTABLES -P FORWARD ACCEPT
> 
> Of course, I don't want the default is open to "ACCEPT", is there anyway to
> avoid this please ?

Without thinking about your exact setup, here is a general advise:
in a case like the one you have on your hands, when you see that
a chain default policy is neccessary for something to work, you
can immediately guess that you are missing a neccessary rule within
the chain itself. Now what can you do to find out what kind of
rule you need? Easy: use the LOG target at the end of the chain,
and you will see in your syslog (/var/log/messages, most likely)
the address information of the packets which fall off the end
of your chain.

hope this helps
  Patrick

next prev parent reply	other threads:[~2002-06-26  8:07 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-06-26  7:41 Iptables forwarding Loc Huynh
2002-06-26  8:07 ` Patrick Schaaf [this message]
2002-06-26  9:35 ` Antony Stone
  -- strict thread matches above, loose matches on Subject: below --
2002-06-27  3:48 Loc Huynh
2002-06-27  5:16 ` Patrick Schaaf
     [not found] <1C61B9073EBFBD40B45FA90B8265B2DD1BE8@MELXCHW01.oz.quest.com>
2002-06-27  7:39 ` Antony Stone
2005-03-22 10:33 N Gal
2005-03-22 10:47 ` Gavin Hamill
2005-03-24 10:19   ` N Gal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20020626100708.A729@oknodo.bof.de \
    --to=bof@bof.de \
    --cc=loc.huynh@oz.quest.com \
    --cc=netfilter@lists.samba.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.