Quoting Anders Fugmann <afu@fugmann.dhs.org>: > Btw. Thanks for a great tutorial. Keep up the good work. Yes, that tutorial really helps, thanks Oskar. I think it should be given some sort of "Official" status on the netfilter web site, and they should definately link to yours instead of hosting an old version. Just a few suggestions for the tutorial (take 'em or leave 'em ;): General: - it would be useful if the guide referred to the versions of iptables/kernel for which it it is known to be valid Traversing of tables and chains section: - the version on netfilter.org is old, doesn't link to the original, and has broken links (the rc.test-iptables.txt script, for example) - might benefit from mentioning that EST/REL packets don't traverse the NAT chain, and why - as a newbie to iptables and the kernel network stack, I find it easiest to think in context of an actual connection that I can test. As such, it might benefit from using example connections to illustrate, such as in my original post, ie: masq client -> firewall masq client -> external firewall -> external firewall -> firewall (thanks Joel Newkirk!) Thanks Oskar, Joel, and Anders!
