Re: Question about MASQ chain behavior in ipchains
Stan Kaufman <email@example.com> a écrit :
| Then in the rules for the External interface, only certain ports appear
| to be let back in. I presume that the second and third rules with
| destination ports 61000:65095 are for returning masqueraded packets, eh?
| This example doesn't make clear to me what happens to packets from the
| Internal network when they're jumped to MASQ. Do they get a new port (in
| the range 61000:65095) in addition to the masqueraded ip address so that
| when they come back they get past the Bad interface to get
| Or do they just go around the Bad interface because in
| some other fashion they're identified as masqueraded packets through
| something MASQ does?
as you masquerade all sent packets, you should only receive masqueraded
packets. Only port range identifies these packets.
Too bad this mechanism could not be applied for a standalone system :
packets are not forwarded.
firstname.lastname@example.org (Michel Verdier)