Fedora IP Masquerading
Alexander Dalloz
alexander.dalloz at uni-bielefeld.de
Mon Jan 5 02:30:48 UTC 2004
Am Mo, den 05.01.2004 schrieb James W. Bennett um 02:16:
[ snip ] comments all to the attached rc.firewall-2.4 script:
1) you filter only in the FORWARD chain and DROP all unwanted traffic?
DROP is bad, so add a last rule which REJECTs unwanted traffic
all traffic for INPUT and OUTPUT is ACCEPTed due to your policy, so
nothing is filtered for the services on the firewalling host itself
2) ip_forward is set in /etc/sysctl.conf and this way activated during
bootup
Alexander
--
Alexander Dalloz | Enger, Germany
PGP key valid: made 13.07.1999
PGP fingerprint: 2307 88FD 2D41 038E 7416 14CD E197 6E88 ED69 5653
More information about the fedora-list
mailing list