Ipchains Woes
David A. Sinck
plug-discuss@lists.plug.phoenix.az.us
Mon, 25 Feb 2002 20:14:38 -0700
\_ SMTP quoth Craig White on 2/25/2002 18:19 as having spake thusly:
\_
\_ On Mon, 2002-02-25 at 14:45, David A. Sinck wrote:
\_ >
\_ > [...]
\_ > You may need to to -j ACCEPT in masquerade chain for trusted devices?
\_ >
\_ ----
\_ wow - 2 messages in 1 day David.
oh hush.
\_ as default policy - ACCEPT is a really poor idea for ipchains - for
\_ testing purposes, OK - but it will ultimately have to be changed to
\_ REJECT or DENY to have some security and piece of mind...be it forward,
\_ input or output.
It's also not all that keen for iptables. Having futzed with both
ipchains and iptables, I much prefer iptables.
A potentially informative iptables link for masquerading:
http://www.linuxdoc.org/HOWTO/Masquerading-Simple-HOWTO/summary.html
David