iptables and dhcp

ron.peterson at yellowbank.com
Wed Feb 26 20:37:01 EST 2003


On Tue, Feb 25, 2003 at 09:08:05PM -0500, ron.peterson at yellowbank.com wrote:

> The following script sets up masquerading (the last line) and also
> disallows any traffic not associated with connections established by
> masqueraded hosts.

You know, I should point out that the ESTABLISHED,RELATED business is
kind of silly when doing masquerading.  I actually snipped and trimmed
this from a machine which is also doing bridging, where these rules
actually have some applicability.

There is in fact a firewall tool for Windows called WinRoute Pro that
masquerades the local host (and a private network if you wish, but
anyway..) in order to provide the same type of protection as the
stateful iptables rules would.  You can't masquerade without keeping
track of connection info.  And you can't reach the private network
from outside without setting up explicit port forwarding rules.

-- 
Ron Peterson                   -o)
87 Taylor Street               /\\
Granby, MA  01033             _\_v
https://www.yellowbank.com/   ---- 
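
The state-tracking argument in the message above, as an added toy model in Python (not part of the original post and not iptables code). The class name, addresses and port numbers are constructed for illustration, and allocating public ports sequentially is a simplifying assumption.

```python
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.1"  # constructed documentation address for the gateway


@dataclass
class Masquerader:
    """Hypothetical model of a masquerading gateway's translation state."""
    next_port: int = 40000  # assumption: public ports are handed out in order
    # (proto, public_port) -> (private_ip, private_port, remote_ip, remote_port)
    conns: dict = field(default_factory=dict)
    # (proto, public_port) -> (private_ip, private_port), explicit port forwards
    forwards: dict = field(default_factory=dict)

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """A private host opens a connection: rewrite the source and record it."""
        pub_port = self.next_port
        self.next_port += 1
        self.conns[(proto, pub_port)] = (src_ip, src_port, dst_ip, dst_port)
        return (PUBLIC_IP, pub_port, dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_port):
        """A packet arrives at PUBLIC_IP:dst_port. Return the private
        (ip, port) it is delivered to, or None if nothing matches."""
        entry = self.conns.get((proto, dst_port))
        if entry is not None and entry[2:] == (src_ip, src_port):
            return entry[:2]  # reply belonging to a tracked connection
        # No tracked connection: only an explicit forward can deliver it.
        return self.forwards.get((proto, dst_port))


def demo():
    gw = Masquerader()
    gw.outbound("tcp", "192.168.1.10", 51000, "198.51.100.7", 80)
    results = {
        "reply": gw.inbound("tcp", "198.51.100.7", 80, 40000),
        "other_host_same_port": gw.inbound("tcp", "198.51.100.99", 80, 40000),
        "unsolicited_ssh": gw.inbound("tcp", "198.51.100.99", 4444, 22),
    }
    gw.forwards[("tcp", 22)] = ("192.168.1.10", 22)  # explicit port forward
    results["forwarded_ssh"] = gw.inbound("tcp", "198.51.100.99", 4444, 22)
    return results


if __name__ == "__main__":
    for name, target in demo().items():
        print(f"{name}: {target}")
```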