Re: cleaning up my firewall script...

To: debian-firewall@lists.debian.org
Cc: Bjoern Schmidt <bj-schmidt@uni-paderborn.de>
Subject: Re: cleaning up my firewall script...
From: Pieter Smit <debian-firewall@vigor.co.za>
Date: Mon, 9 Feb 2004 21:30:13 +0200
Message-id: <[🔎] 20040209193013.GA9051@peslaptop.vigor.co.za>
Reply-to: smitpe@vigor.co.za
In-reply-to: <[🔎] 4026D058.1000803@uni-paderborn.de> (from bj-schmidt@uni-paderborn.de on Mon, Feb 09, 2004 at 02:12:08 +0200)
References: <[🔎] 40267F4B.5060008@uni-paderborn.de> <1076266167.6890.67.camel@laptop.richard> <[🔎] 4026D058.1000803@uni-paderborn.de>

Hi Bjoern,

I remember reading that in iptables the INPUT chain is not used whenpackets are forwarded, only the FORWARD chain, try adding


	iptables -A FORWARD -j SHRED

Regards,
Pieter Smit
On 2004.02.09 02:12, Bjoern Schmidt wrote:

Richard Verwayen wrote:

finish_rules()
{
        iptables -N SHRED
        iptables -A INPUT   -j SHRED
        iptables -A SHRED   -j ULOG
        iptables -A SHRED   -j DROP
}

This rule should match on all packets so that the chain
policy will never be used, but it does not work correctly.
Where is the mistake?


--
Greetings
Bjoern Schmidt



--
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org

with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: cleaning up my firewall script...
  - From: Bjoern Schmidt <bj-schmidt@uni-paderborn.de>

References:
- cleaning up my firewall script...
  - From: Bjoern Schmidt <bj-schmidt@uni-paderborn.de>
- Re: cleaning up my firewall script...
  - From: Bjoern Schmidt <bj-schmidt@uni-paderborn.de>

Prev by Date: Re: cleaning up my firewall script...
Next by Date: Writing rules based on program emitting/receiving paquet
Previous by thread: Re: cleaning up my firewall script...
Next by thread: Re: cleaning up my firewall script...
Index(es):
- Date
- Thread