[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Please critique my iptables-based firewall



On May 22, Rob Weir wrote:
>
> I'm not an iptables expert, but I would suggest that  this should be
> the very last thing in the script, after all the rules have been set
> up.  Otherwise you've created a race condition that could
> (conceivably) cause a lot of pain.
> 
no no no.  All it does is set a runtime variable in the kernel to permit it
to forward TCP packets if need be.  You could say that it is nothing to do
with iptables.

Alex

-- 
 ___________________________________ 
/ Laugh, and the world ignores you. \
\ Crying doesn't help either.       /
 ----------------------------------- 
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||

Attachment: pgp3QydpTUZLJ.pgp
Description: PGP signature


Reply to: