Re: which rule dropped the packet?

To: "Peter A. Felvegi" <felvegip@drmatrixbank.hu>
Cc: debian-firewall@lists.debian.org
Subject: Re: which rule dropped the packet?
From: Menno Scholten <m.scholten@planet.nl>
Date: Wed, 29 Oct 2003 12:01:31 +0100
Message-id: <[🔎] 3F9F9E0B.30700@planet.nl>
In-reply-to: <[🔎] Pine.LNX.4.43.0310291151040.24491-100000@www.drmatrixbank.hu>
References: <[🔎] Pine.LNX.4.43.0310291151040.24491-100000@www.drmatrixbank.hu>

if i forward a port to the lan, it works fine, can reach a local machine
from outside.  if i forward the same port to another machine on the inet,
the fw (on the machine that does the port forwarding) drops the packets.
why could that be?

I'm quite new to firewalling myself, but here's a thought. The packetsfollow the path of the firstmatched rule. So, they come to your first forwarding rule and all thepackets matching that rule get

forwarded, so none reach the second rule.

I would think that you need to work with multiple dports to forward allthe packets to all the machines.I'm in a hurry so I can't look up the syntax for that and it has to becompiled into the kernel as well.


To all you firewall guru's: correct me if I'm wrong.

Regards,
-Menno

Reply to:

References:
- which rule dropped the packet?
  - From: "Peter A. Felvegi" <felvegip@drmatrixbank.hu>

Prev by Date: which rule dropped the packet?
Next by Date: [Fwd: Re: which rule dropped the packet?]
Previous by thread: which rule dropped the packet?
Next by thread: Re: which rule dropped the packet?
Index(es):
- Date
- Thread