* $INET_IFACE -> $LAN_IFACE
@ 2003-02-26 17:43 Magnus Solvang
0 siblings, 0 replies; only message in thread
From: Magnus Solvang @ 2003-02-26 17:43 UTC (permalink / raw)
To: netfilter
Do you normally forward everything from e.g eth0 to eth1?
I recently upgraded (downloaded) a lot of packages on the
webserver, and noticed later on the mrtg-graph that the
traffic was identical (only switched) on the two interfaces.
Is downloading ftp-data to the firewall from the internet
really related, established, so that is should be forwarded
to the internal interface?
# iptables -L FORWARD -v
Chain FORWARD (policy DROP 5 packets, 224 bytes)
pkts bytes target prot opt in out source destination
28224 2433K ACCEPT all -- eth0 eth1 anywhere anywhere \
state RELATED,ESTABLISHED
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state \
--state ESTABLISHED,RELATED -j ACCEPT
- M
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2003-02-26 17:43 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-02-26 17:43 $INET_IFACE -> $LAN_IFACE Magnus Solvang
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox