Re: Problems filtering UDP with Netfilter

To: debian-firewall@lists.debian.org
Subject: Re: Problems filtering UDP with Netfilter
From: Ax <vaclav.hula@capitol.cz>
Date: Fri, 8 Jun 2001 09:58:30 +0200
Message-id: <zVUq7C.A.d0.vWII7@murphy>
In-reply-to: <3B200E7A.B7B525C4@telusplanet.net>
References: <3B200E7A.B7B525C4@telusplanet.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dne pá 8. ?erven 2001 01:30 Stefan Srdic napsal(a):
> I'm attempting to filter all UDP datagrams under the 1023 port range.
> When I use the script below I cannot ping my ISP's web site or even surf
> the net. DO I have a malformed chain or am I missing an essential
> service?
>

well, ok. See, you have an packet, going throuh the rules, top-down.  it 
first hits REJECT rule (and is rejected), and it never makes it to the 
ACCEPT part. 
I recommend that you install ipmasq package (at least in sid it works w. 
iptables) and see how it works. (good example is worth tons of mail, I 
think ;))

Ax
- -- 
Vaclav Hula (vaclav.hula@capitol.cz)
UIN#36624092     http://atrey.karlin.mff.cuni.cz/~ax

- -----BEGIN GEEK CODE BLOCK-----
Version: 3.12 GCS/S/O d-(--) s:-- a-- C++ UL+++ P-- L+++(++) E--- W++$ N? 
o? K? w- O? M?
V? PS+++ PE Y+ PGP++ t+ 5+ !X R+++ tv(-) b+++ Dl+ D+ G>++ e* h! r+(%) y+ 
- ------END GEEK CODE BLOCK------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7IIWrvYCMyWSPsqkRAlVPAKCa12n+2T2iiyssZ3pSeGkj96pMigCglnZe
py6huHE4B9sKYVNnsAkcKO4=
=tVk2
-----END PGP SIGNATURE-----

Reply to:

References:
- Problems filtering UDP with Netfilter
  - From: Stefan Srdic <linuxbox@telusplanet.net>

Prev by Date: Re: Problems filtering UDP with Netfilter
Next by Date: Re: Problems filtering UDP with Netfilter
Previous by thread: Re: Problems filtering UDP with Netfilter
Next by thread: Re: Problems filtering UDP with Netfilter
Index(es):
- Date
- Thread