On Mon, 2023-08-07 at 15:05 +0000, John Horne wrote: > A slightly more descriptive name than just 'forward:' might have > helped :-) Going back to the older firewalls, there were input, output, and forward rules. Input was incoming to this machine, output was outgoing from this machine, and forward was going through/around/bypassing this machine. In the same vein as with NAT rules, forwarding passed traffic through to a new destination. That's how I would have interpreted that. e.g. If I have incoming traffic for a webserver, but this particular machine wasn't the webserver. Traffic is sent through to where the webserver actually is. Which could be another machine on the network, or a virtual machine hosted within the same PC. I don't actually want to accept that traffic going into the machine it has to skip past, so the incoming rules are the wrong ones to fiddle with. In essence, the firewall is between the network interfaces and the rest of the OS. -- uname -rsvp Linux 3.10.0-1160.92.1.el7.x86_64 #1 SMP Tue Jun 20 11:48:01 UTC 2023 x86_64 Boilerplate: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the mailing list. _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
