On Sun, Aug 10, 2014 at 2:24 PM, Nemeth Gyorgy <fri...@freemail.hu> wrote: > 2014-08-10 11:33 keltezéssel, Pascal Hambourg írta: >> >> Nemeth Gyorgy's ruleset is too complicated. Use the bare minimum : >> >> sysctl -w net.ipv4.ip_forward=1 >> iptables -t nat -P ACCEPT >> iptables -t filter -P ACCEPT > > This is really a big sechole.
This is one of these hopelessly unresolvable issues where some people believe that the correct config is to have policy DROP/REJECT and others believe that the correct config is to have a policy of ACCEPT and to have the final rule in the respective chains be DROP/REJECT.. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CAOdo=sxfu3syvakxq5vjwpst0gbmcmf7ko0ood-0j-tfdzr...@mail.gmail.com
