iptables (was port forwarding)

Craig White plug-discuss@lists.plug.phoenix.az.us
18 Mar 2002 22:22:03 -0700


On Mon, 2002-03-18 at 21:44, Carl Parrish wrote:
> On Mon, 2002-03-18 at 20:00, David A. Sinck wrote:
> >
> > 
> > The biggest thing is that the chains are named slightly differently
> > 
> > input (ipchains) vs INPUT (iptables)
> > 
> > which I occasionally still overlook until it coughs on me.
> 
> Yeah, I wasn't expecting the order of options to matter either, but it
> seems that -d has to happen before -p in iptables (I'm pretty sure it
> didn't matter in ipchains). Oh well, I'm going to see if I can figure it
> all out tonight; if not, it's going to have to wait for a while.
> 
---
I think order has definitely mattered in ipchains too...if you don't
think so, put your reject rules before your accept rules...

here are a couple of links to some firewall scripts with iptables that
may be what you're looking for...

try
http://www.e-infomax.com/ipmasq/

or
http://www.ecst.csuchico.edu/~dranch/LINUX/ipmasq/c-html/stronger-firewall-examples.html#RC.FIREWALL-2.4.X-STRONGER

or
http://heimdall.asgardsrealm.net/linux/firewall/

Craig
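
The rule-ordering point in the reply above (a reject placed ahead of an accept wins), as an added example that is not part of the original thread: a small Python check that flags rules already matched by an earlier, broader terminating rule in the same chain. The sample rules are constructed, and the check models only -p, -s, -d, --dport and -j, treating an earlier rule with any other option as unable to be proven covering.

```python
import ipaddress, shlex

# Constructed sample rules (not from the thread); the first match in a chain wins.
SAMPLE_RULES = """\
-A INPUT -p tcp -j REJECT
-A INPUT -s 192.168.1.0/24 -p tcp --dport 22 -j ACCEPT
-A FORWARD -d 10.0.0.5/32 -p tcp --dport 80 -j ACCEPT
-A FORWARD -d 10.0.0.0/8 -j DROP
"""
FLAGS = {"-A": "chain", "-p": "proto", "-s": "src", "-d": "dst",
         "--dport": "dport", "-j": "target"}

def parse_rule(line):
    """Parse one '-A CHAIN ...' line; tokens we do not model go to 'extra'."""
    rule, tokens = {"text": line.strip(), "extra": []}, iter(shlex.split(line))
    for tok in tokens:
        if tok in FLAGS:
            rule[FLAGS[tok]] = next(tokens, "")
        else:
            rule["extra"].append(tok)
    return rule

def covers(earlier, later):
    """True only if every packet matching `later` provably matches `earlier`."""
    if earlier["extra"] or "!" in later["extra"]:  # unmodelled option or negation
        return False
    for field in ("proto", "dport"):
        if field in earlier and earlier[field] != later.get(field):
            return False
    for field in ("src", "dst"):
        if field in earlier:
            wide = ipaddress.ip_network(earlier[field], strict=False)
            narrow = later.get(field, "0.0.0.0/0")  # no address given = any
            if not ipaddress.ip_network(narrow, strict=False).subnet_of(wide):
                return False
    return True

def find_shadowed(ruleset_text):
    """Return (shadowed, shadowing) rule-text pairs, in ruleset order."""
    seen, findings = {}, []
    lines = [l for l in ruleset_text.splitlines() if l.startswith("-A ")]
    for rule in map(parse_rule, lines):
        earlier_rules = seen.setdefault(rule["chain"], [])
        hit = next((e for e in earlier_rules if covers(e, rule)), None)
        if hit:
            findings.append((rule["text"], hit["text"]))
        if rule.get("target") in ("ACCEPT", "DROP", "REJECT"):
            earlier_rules.append(rule)
    return findings
```

On the sample, only the INPUT accept for port 22 is reported, because the blanket tcp REJECT precedes it; the FORWARD pair is in the safe order (specific accept first, broad drop after).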