[CentOS] Port Forwarding woes

Filipe Brandenburger filbranden at gmail.com
Mon Apr 27 21:01:52 UTC 2009


On Mon, Apr 27, 2009 at 16:01, Bo Lynch <blynch at ameliaschools.com> wrote:
> I think I found the culprit but not sure if by taking this out it will be
> a risk. When I remove this statement things work....
> iptables -A FORWARD -i eth0 -m state --state NEW, INVALID -j DROP
> If I drop the NEW it works. Should I be concerned from I security stand
> point?

The point of that rule is to drop anything you did not handle before.
That rule is supposed to be the last one in the list of rules.

The best solution in your case is probably to move your other rules
above that one.


More information about the CentOS mailing list