|
|
|
Re: Question about nat filtering with FORWARD | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
On Wed June 24 2009 wrote Rob Sterenborg: > $ipt -P FORWARD DROP > $ipt -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT > $ipt -A FORWARD -m state --state NEW -p tcp --dport 22 -j ACCEPT Watch out, that with these rules, you will allow any traffic to pass, that has destination port 22. Thus, the outside can contact you to port 22. And the inside can contact any host on the Internet on port 22. Best regards, -- Christoph Paasch www.rollerbulls.be --
Attachment:
signature.asc
Description: This is a digitally signed message part.
[Linux Netfilter Development] [Linux Kernel Development] [TCP/IP Books] [Linux Resources] [LARTC] [Home] [Bugtraq] [Consulting] [Free Internet Dating] [Yosemite Forum] [Photo]
|
|