iptables question

To: Debian Security <debian-security@lists.debian.org>
Subject: iptables question
From: Jan Räther <jan.raether@zmnh.uni-hamburg.de>
Date: Fri, 21 Jun 2002 10:15:35 +0200
Message-id: <[🔎] 20020621101535.06e67e61.jan.raether@zmnh.uni-hamburg.de>

Hi there,

i have just a simple question about iptables. I got a router running
debian with iptables. The Standard Policy's for all chains are DROP. Now i
want to masq/route a few specific ports to some boxes inside my LAN, all
with 192.168.1.x addresses. I do that with:

iptables -A PREROUTING -t nat -i ppp0 -s 0/0 -p tcp --dport 2222 -j DNAT
--to 192.168.1.2

My question is now, will that rule be processed before the standard INPUT
policy gets applied? Or do i have to add a:

iptables -A INPUT -i ppp0 -s 0/0 -p tcp --dport 2222 -j ACCEPT

before the PREROUTING thingie?

Jan

-----
Jan Räther
Universität Hamburg
Zentrum für Molekulare Neurobiologie
Service-Gruppe EDV
Falkenried 94
20251 Hamburg
Germany
Tel.: 040 - 428 - 03 - 6619
Fax.: 040 - 428 - 03 - 6621

Tell a man there are 300 billion stars
in the universe and he'll believe you.
Tell him a bench has wet paint on it
and he'll have to touch to be sure.


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: iptables question
  - From: Crispin Wellington <crispin@aeonline.net>
- Re: iptables question
  - From: jmraux@t-online.fr (Jean-Michel RAUX)

Prev by Date: Unidentified subject!
Next by Date: AW: DSA 131: Apache Vulnerability
Previous by thread: Unidentified subject!
Next by thread: Re: iptables question
Index(es):
- Date
- Thread