Re: NetFilter connection tracking

To: debian-firewall@lists.debian.org
Subject: Re: NetFilter connection tracking
From: Rob Weir <rweir@softhome.net>
Date: Wed, 11 Dec 2002 03:28:12 +1100
Message-id: <[🔎] 20021210162812.GI25341@thebox.home.local>
Mail-followup-to: debian-firewall@lists.debian.org
In-reply-to: <Pine.LNX.4.33.0211251212330.28348-100000@eeek.org.uk>
References: <E18GGeg-0003L4-00@qed.penguin.lib.org> <Pine.LNX.4.33.0211251212330.28348-100000@eeek.org.uk>

On Mon, Nov 25, 2002 at 12:42:13PM +0000, enyc@eeek.org.uk wrote:
> I wonder if iptables 'related' matches returned ident connections and/or
> can forward ident connection to machine that actually originated outgoing
> connection instead of only recieving ident connection on
> iptables/netfilter machine itself.

This would be very complicated to implement.  A much easier solution is
to install an identd that understands masquearding and can either lie to
every server that connects to it, or forward connections into your
internal network.  At least midentd and oidentd can do this.

-rob

Attachment: pgpNjwRiYijEK.pgp
Description: PGP signature

Reply to:

Prev by Date: Re: Custom firewalls using Debian? (lol!)
Next by Date: Shorewall from stable to testing
Previous by thread: Re: Custom firewalls using Debian? (lol!)
Next by thread: Shorewall from stable to testing
Index(es):
- Date
- Thread