Re: netfilter Digest, Vol 8, Issue 50

Re: netfilter Digest, Vol 8, Issue 50

[Visham Ramsurrun]

Hi to all,

I wanted to ask if it is possible to have packets enter a firewall
host on eth0 and get sent back on the same interface, i.e sth like
...-i eth0 -o eth0...

Is this possible using the iptables commands. If not, is there a way
to do it (I mean by modifying IPTables code)?

Thx in advance..

Regards,
Visham

Re: netfilter Digest, Vol 8, Issue 50

[Mohamed Eldesoky]

You want to ask if you can find packets like that, or you want to
redirect packets like that ??


On Tue, 29 Mar 2005 09:34:05 +0400, Visham Ramsurrun
<vishamr2000@gmail.com> wrote:
> Hi to all,
> 
> I wanted to ask if it is possible to have packets enter a firewall
> host on eth0 and get sent back on the same interface, i.e sth like
> ...-i eth0 -o eth0...
> 
> Is this possible using the iptables commands. If not, is there a way
> to do it (I mean by modifying IPTables code)?
> 
> Thx in advance..
> 
> Regards,
> Visham
> 
> 


-- 
Mohamed Eldesoky
www.eldesoky.net
RHCE

Re: netfilter Digest, Vol 8, Issue 50

[Jason Opperisano]

On Tue, Mar 29, 2005 at 09:34:05AM +0400, Visham Ramsurrun wrote:
> I wanted to ask if it is possible to have packets enter a firewall
> host on eth0 and get sent back on the same interface, i.e sth like
> ...-i eth0 -o eth0...

if your routing table says that a packet needs to go out eth0, then it
will go out eth0...if it happened to enter on eth0 isn't really part of
the decision.

> Is this possible using the iptables commands. If not, is there a way
> to do it (I mean by modifying IPTables code)?

if you are trying to override the normal routing decision, you could use
netfilter targets such as DNAT, or ROUTE...or you could use netfilter
MARK-ing in conjunction with iproute2, or just solely iproute2.

-j

--
"The kneebone's connected to the... something. The something's
 connected to the... red thing. The red thing's connected to my wrist
  watch... Uh oh."
          --The Simpsons