Confused as Chris Griffin

serge_ss-rieW9WUcm8FFJ04o6PK0Fg at public.gmane.org serge_ss-rieW9WUcm8FFJ04o6PK0Fg at public.gmane.org
Thu Nov 27 19:28:56 UTC 2003 

Hi Teddy,

Just an example:

FORWARD:

192.168.0.15 -> www.tlug.org

                ----------- the box ---------------
192.168.0.15 -> | 192.168.0.1 -> public interface | -> www.tlug.org
                -------------- FORWARD ------------
INPUT:
192.168.0.15 -> 192.168.0.1 or Internet -> public interface

                ----------- the box ---------------
192.168.0.15 -> | eth0 192.168.0.1  pub i-face eth1| <- Internet
             INPUT eth0                     INPUT eth1

OUTPUT:
192.168.0.1 -> 192.168.0.15 or public interface ->Internet


                ----------- the box ---------------
192.168.0.15 <- | 192.168.0.1    public interface | -> Internet
               output eth0 -------------- output eth1

Unlike ipchains, iptables treats those chains separately, what means in ipchains FORWARD would generate INPUT eth0 FORWARD eth0->eth1 OUTPUT eth1 and in iptables it's just FORWARD eth0->eth1

Sorry for being rather schematic, but hope I was helpful.

Sergey



> 
> From: "Teddy Mills" <teddymills-VFlxZYho3OA at public.gmane.org>
> Date: 2003/11/27 Thu PM 01:37:25 EST
> To: <tlug-lxSQFCZeNF4 at public.gmane.org>
> Subject: [TLUG]: Confused as Chris Griffin
> 
> 
> Q1
> FORWARD chain "are for packets destined for other hosts"
> Well, why am I recieving packets that arent meant for me?
> Why can I just DROP all packets recieved on the FORWARD chain?
> What exactly is the FORWARD chains function ?
> 
> Q2
> INPUT chain is for packets destined for our local machine.
> Do these packets originate from Internet and all my LAN hosts?
> 
> Q3
> OUTPUT chain is for packets generated locally, now leaving.
> Is this just for the Linux "lo" interface?
> What about the local LAN interface and all my LAN hosts?
> 
> 
> Confused as Chris Griffin.....
> 
> 
> 
> ---------------------------------------------------------------
> teddy mills
> http://www.vger.ca
> VGER directives...To collect...all that is collectable. To sell...all that
> is saleable.To merchandise...all that is merchandisable.
> 
> Family Guys, Quagmire
> "allllllllllllllllllllllllllllllll right"
> 
> 
> --
> The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
> 

--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml

More information about the Legacy mailing list