[CentOS] Iptables masq traffic limiting
Joseph L. Casale
JCasale at activenetwerx.comMon Sep 1 02:31:52 UTC 2008
- Previous message: [CentOS] Re: Curmudgeoning (was Re: Problems with writing Dual Layer DVD)
- Next message: [CentOS] Iptables masq traffic limiting
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
>We should be talking live. Why don't your join the #centos-social on freenode >so we can chat real time? Robert, Just got back from my trip and reading that Tutorial, it went on to state what I now find to be two distinct opposite thoughts. Its says at http://iptables-tutorial.frozentux.net/chunkyhtml/c962.html that you shouldn't filter in the NAT Postrouting chain as some streams of packets only have their first packet hit the chain and everything else is redirected hence the possibility exists that some packets can miss the rule. It seems the Filter Forward chain is the safest place to limit what gets masq'ed so internal clients could only have say port 80/443 but no ftp access as an example. What are your thoughts in this? Thanks, jlc
- Previous message: [CentOS] Re: Curmudgeoning (was Re: Problems with writing Dual Layer DVD)
- Next message: [CentOS] Iptables masq traffic limiting
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list