I'm reading the IP Masq HOWTO, and I have a question...

In the HOWTO there's a script starting at about line 3100.  That is a stronger
ruleset for a Masq machine.  I think I have all the ipchains rules figured
out, but I'm wondering what happens with a local-local packet.

If the firewall/gateway machine is the default gateway, isn't it possible that
machines from the private network will send packets to the gateway that are
destined back to the local network?  If that happens, it seems we'd have:

        in IF   out IF          Source          Dest
        eth0    eth0            192.168.xx      192.168.x.x

This will be accepted by the input rules, but it will be flushed by the
forward rules.

What am I missing here?  Is it not possible for local --> local traffic to go
through the GW under normal configurations (given "order hosts,bind" in
/etc/host.conf)?  Am I misreading a rule?

I've read IPCHAINS-HOWTO, IP-Masquerade-HOWTO, and Firewall-HOWTO...

Thanks!

-Michael

-- 
No, my friend, the way to have good and safe government, is not to trust it
all to one, but to divide it among the many, distributing to every one exactly
the functions he is competent to.  It is by dividing and subdividing these
republics from the national one down through all its subordinations, until it
ends in the administration of every man's farm by himself; by placing under
every one what his own eye may superintend, that all will be done for the
best.
                -- Thomas Jefferson, to Joseph Cabell, 1816



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list