Sorry to nitpick, but the tutorial actually moved some time ago. There was simply too much troubles with hosting, so I finally got a domain of my own (frozentux.net), and the tutorial is available at http://iptables-tutorial.frozentux.net, hosted by haringstad.com which looks really really good so far. Of course, if they would go down, i will always be able to move the DNS to somewhere else in the future instead... Anyways, just to let everyone know. I got some other things under development as well right now, hence the iptables stuff is pretty much at a "featurefreeze". Have a nice day! ---- Oskar Andreasson http://iptables-tutorial.haringstad.com http://people.unix-fu.org/andreasson/ mailto:blueflux@koffein.net On Fri, 6 Sep 2002, Jose Luis Domingo Lopez wrote: > On Thursday, 05 September 2002, at 16:57:53 -0000, > anish_46628 wrote: > > > 3. Traffic going out from PC2 and generated by PC2 itself should > > have different differnt mark so that the traffic can be filtered > > based on the mark. > > > With linux kernel 2.4.x, packets go through different sets of rules when > "traversing" the box. A packet in transit will enter PREROUTING, pass on > to FORWARD and finally to POSTROUTING just before being queued to be > sent out on the physical interface. On the other hand, locally generated > packets go first to OUTPUT and afterwards to POSTROUTING. Compare this > to kernels 2.2.x when an in-transit packet would be seen at input, forward > and output. > > There is an _excelent_ reference on iptables you should check to get the > details of what you can do and how: > http://people.unix-fu.org/andreasson/iptables-tutorial/iptables-tutorial.html > > _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
