Re: iptables et protocole

To: debian <debian-firewall@lists.debian.org>
Subject: Re: iptables et protocole
From: "Martin Peikert" <Martin.Peikert@discon.de>
Date: Mon, 29 Apr 2002 14:19:32 +0200
Message-id: <[🔎] 3CCD3A54.1070505@discon.de>
References: <[🔎] PJPAOPFCJDCABAAA@mailcity.com> <[🔎] 3CCD19A8.9080606@discon.de>

Martin Peikert wrote:

sim ton wrote:

---8<---

futhermore is there a really difference between these 2 lines :
iptables -A FORWARD -p ip -src 134.134.134.134 -j accept
iptables -A FORWARD  -src 134.134.134.134 -j accept
I don't know exactly but I thought ip is the default (so there is nodifference between those rules) - can somebody correct me if I'm wrong?

Ok, I do it by myself - in the first case only ip is allowed, in thesecond all protocols. So there _is_ a difference: in the first case allother protocols (except ip) _do not match_ the given rule. If you don'thave another rule for those, the policy will be applied to the them.


GTi


--
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- iptables et protocole
  - From: "sim ton" <firewall38@lycos.com>
- Re: iptables et protocole
  - From: "Martin Peikert" <Martin.Peikert@discon.de>

Prev by Date: Re: iptables et protocole
Next by Date: using DNAT problem
Previous by thread: Re: iptables et protocole
Next by thread: using DNAT problem
Index(es):
- Date
- Thread