[LARTC] Monitoring....

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



My suggestion is for you to do this, insert
the 'filtering' rules into the INPUT/OUTPUT/FORWARD
chains, eg

   iptables -I FORWARD -p tcp --dport 22 -j mychain
   iptables -I INPUT -p tcp --.... -j mychain
   iptables -I OUTPUT -p udp -- .... -j mychain
   .....
   and so on,

and for mychain,

   iptables -A mychain -j RETURN

You can safely put this. It will not disrupt anything.

If originally you already have some other accept/deny,
they continue to work.

--- Nelson Guedes Paulo Junior
<npaulo@linux.ime.usp.br> wrote:
> I have, at least for the moment, one question about
> iptables:
> 
> Does I need to create another chain to sse the bytes
> like:
> 
> iptables -N mychain
> iptables -I INPUT -j mychain
> iptables -I OUTPUT -j mychain
> iptables -I FORWARD -j mychain
> iptables -A mychain -p tcp --dport 22 -j ACCEPT
> 
> Does I need to do that???
> 


__________________________________________________
Do you Yahoo!?
Yahoo! Shopping - Send Flowers for Valentine's Day
http://shopping.yahoo.com


[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux