[CentOS] C6 gateway/firewall problem

Tue Dec 13 15:53:26 UTC 2011
m.roth at 5-cent.us <m.roth at 5-cent.us>

Laurent Wandrebeck wrote:
> On Tue, 13 Dec 2011 10:23:45 -0500
> cliff here <c4ifford at gmail.com> wrote:
>
>> My best guess would be to move your forwarding rules to the INPUT chain
>> instead of being in the PREROUTING.
> Will try that once I figure out iptables syntax.
> Is it me or I hit a system-config-firewall bug in rules generation ?

These days, I either edit /etc/sysconfig/iptables or iptables-save >
iptables. Take one, clone it, edit the line. -s source, -d destination, -p
protocol covers most of it, along with -j ACCEPT or -j DROP.

         mark