From: Whit Blauvelt <whit@transpect.com>
To: Mario Mer?ngolo <mmeringolo@arnet.com.ar>
Cc: netfilter@lists.netfilter.org
Subject: Re: simple newbie question
Date: Sat, 9 Aug 2003 18:00:09 -0400 [thread overview]
Message-ID: <20030809220009.GA27575@china.patternbook.com> (raw)
In-Reply-To: <000101c35ebe$9504e8f0$0401a8c0@pc2>
Since eth1 is the closest to the wider Net, that's where to build your
- firewall unless you're also concerned with other people on your home
network having certain sorts of access to your Linux box, in which case you
might want to have rules for eth0 too. Most of us only worry about the
external interface - eth1 in your setup.
I don't use ppp, but for most purposes rules about ppp0 and eth1 should have
the same effect for you, I think.
Whit
On Sat, Aug 09, 2003 at 06:38:32PM -0300, Mario Mer?ngolo wrote:
> Im starting with this iptables stuff and trying to manage a home network
> trough linux and adsl + pppoe
>
> I have two simple questions.
>
>
>
> I have my adsl router conected to my eth1
>
>
>
> When im setting my iptables rules, should I think that eth0 routes packages
> through eth1 to ppp0 ?
>
>
>
> Because, if that is, my drop rules should be defined on eth1, and my input
> ones on eth0
>
>
>
> Our should i think that eth1 does not matter and my reliable is eth0 and my
> unreliable ppp0 ?
>
>
>
> Please forgive my crude english
>
>
>
> Thanx
>
>
>
>
>
next prev parent reply other threads:[~2003-08-09 22:00 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-08-09 21:38 simple newbie question Mario Meríngolo
2003-08-09 22:00 ` Whit Blauvelt [this message]
2003-08-10 11:53 ` rverduij
2003-08-11 21:19 ` Rob Verduijn
-- strict thread matches above, loose matches on Subject: below --
2005-05-04 4:43 Simple Newbie question Steve Castellotti
2005-05-04 5:16 ` Greg KH
2005-05-05 0:49 ` Steve Castellotti
2005-05-05 18:48 ` Linas Vepstas
2005-05-06 11:50 ` Steve Castellotti
2005-05-06 11:52 ` Steve Castellotti
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20030809220009.GA27575@china.patternbook.com \
--to=whit@transpect.com \
--cc=mmeringolo@arnet.com.ar \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.