Christopher Chan wrote:
I tried it. I had everything open. Then I blocked everything. Then I
set up a rule to allow SSH in to eth0 and out eth1 (and the other
way). At least I thought that was what the rules said, but no SSH
connectivity through the firewall. That was when I realized that I
had not found the necessary incantation, and I had already shot most
of Tuesday.
Too bad you missed the documentation on netfilter then.
And that is the crux of the problem. Finding the right documentation....
And to look at documentation on netfilter besides iptables.
It would have told you that the INPUT chain controls what comes to the
box, the OUTPUT chain what originates from the box and the FORWARD
chain what goes through the box.
You would have needed a rule in FORWARD to allow ssh connections
through the box. The rules in the INPUT and OUTPUT chains would have
zero effect on connections going through.
Anyways, you have something now but in case you want to give iptables
another go...
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
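
The point made in the thread above about the FORWARD chain, as an added example that is not part of the original messages: a shell sketch that allows SSH through the box between `eth0` and `eth1` in both directions while touching only FORWARD. The function names and the `IPT` dry-run variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the thread. eth0/eth1 are the interfaces named in
# the original post; function names and the IPT variable are hypothetical.

# Command used to apply rules. Set IPT="echo iptables" to print the rules
# instead of applying them.
IPT=${IPT:-iptables}

# Transit traffic only reaches FORWARD when kernel IP forwarding is enabled.
# Optional argument: path to check (defaults to the IPv4 forwarding switch).
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

# Allow SSH through the box between two interfaces, in both directions.
# INPUT and OUTPUT are left alone: they only see traffic addressed to, or
# originating from, the firewall itself, never connections passing through.
allow_ssh_forward() {
    a=$1
    b=$2
    # Anything passing through the box that is not matched below is dropped.
    $IPT -P FORWARD DROP
    # Return packets for connections accepted by the NEW rules below.
    $IPT -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # New SSH connections in on $a and out on $b ...
    $IPT -A FORWARD -i "$a" -o "$b" -p tcp --dport 22 \
        -m conntrack --ctstate NEW -j ACCEPT
    # ... and the other way.
    $IPT -A FORWARD -i "$b" -o "$a" -p tcp --dport 22 \
        -m conntrack --ctstate NEW -j ACCEPT
}

# Apply (as root):  allow_ssh_forward eth0 eth1
# Dry run:          IPT="echo iptables"; allow_ssh_forward eth0 eth1
# Verify counters:  iptables -L FORWARD -v -n
```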