Re: IP Chains question

To: debian-user@lists.debian.org
Subject: Re: IP Chains question
From: Eric G.Miller <egm2@jps.net>
Date: Thu, 31 Jan 2002 08:10:52 -0800
Message-id: <[🔎] 20020131081052.771fa973.egm2@jps.net>
In-reply-to: <[🔎] Pine.LNX.4.21.0201310900490.8538-100000@Super-Sonic.kopishke.org>
References: <[🔎] Pine.LNX.4.21.0201310900490.8538-100000@Super-Sonic.kopishke.org>

On Thu, 31 Jan 2002 09:08:45 -0500 (EST), Matt Kopishke <kopishke@BlueNoteTechnology.com> wrote:

> I have set up a firewall using ipchains and the bridge patch
> (bridgein) under potato (2.2.19).  The one snag I had was although the
> firewall works well only letting the world see certain ports (80 & 443),
> it doesn't let the servers behind the firewall get out.  I set up a rule
> that allows all traffic that originated behind the firewall out, but
> because we only have a couple of ports open, and we have no clue what port
> the reply packets are going to come on, the reply packets get denied.
> 
> I was wondering if there is any way to mark out going packets so we can
> let them through on their way back?

Yea, it's called iptables/netfilter (kernel 2.4.x).

-- 
Eric G. Miller <egm2@jps.net>

Reply to:

Follow-Ups:
- Re: IP Chains question
  - From: Rick Macdonald <rickmacd@home.com>

References:
- IP Chains question
  - From: Matt Kopishke <kopishke@BlueNoteTechnology.com>

Prev by Date: Re: woody iso
Next by Date: Re: Fetchmail locking up
Previous by thread: IP Chains question
Next by thread: Re: IP Chains question
Index(es):
- Date
- Thread