
BLU Discuss list archive



iptables and dhcp



On Tue, Feb 25, 2003 at 09:08:05PM -0500, ron.peterson at yellowbank.com wrote:

> The following script sets up masquerading (the last line) and also
> disallows any traffic not associated with connections established by
> masqueraded hosts.

You know, I should point out that the ESTABLISHED,RELATED business is
kind of silly when doing masquerading.  I actually snipped and trimmed
this from a machine which is also doing bridging, where these rules
actually have some applicability.

There is in fact a firewall tool for Windows called WinRoute Pro that
masquerades the local host (and a private network if you wish, but
anyway..) in order to provide the same type of protection as the
stateful iptables rules would.  You can't masquerade without keeping
track of connection info.  And you can't reach the private network
from outside without setting up explicit port forwarding rules.

-- 
Ron Peterson                   -o)
87 Taylor Street               /\\
Granby, MA  01033             _\_v
https://www.yellowbank.com/   ---- 




BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.




Boston Linux & Unix / webmaster@blu.org