At 11/21/2001 11:14 AM +0100, you wrote:
>On Tue 20 November 2001 22:21, you (James Francis) wrote:
> > > /sbin/ipchains -P forward DENY
> > > /sbin/ipchains -A forward -s 192.168.1.2/24 -j MASQ
> > > ## I do have other IPchains  installed...
> >
> > Forgot to mention...make sure you have a rule like the following:
> > /sbin/ipchains -A forward -i eth1 -j MASQ after your forward rule above.
> >
> > eth1 was your connection to the internet on the RH7.1 box.
>
>How may I be sure that unwanted data will not pass thru this rule to my
>internal network - that only answers to masqued outgoing requests will pass?

The short version: That is the nature of MASQ; it only allows connections 
out, not in.


--
Rodolfo J. Paiz
[EMAIL PROTECTED]



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to