RE: problem with FORWARD chain

(Forgot this info in last post!)

I'm running the 2.4.19 kernel on a Debian box with the bridging/firewall
patch from bridging.sourceforge.net (version 0.0.7) and the latest version
of iptables.

A sample output from iptables -L -vx would be:

Chain INPUT (policy ACCEPT 20403 packets, 27177359 bytes)
    pkts      bytes target     prot opt in     out     source               destination

Chain FORWARD (policy DROP 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 12188 packets, 786022 bytes)
    pkts      bytes target     prot opt in     out     source               destination

The few other people (who also don't get the FORWARD chain to properly show
the counters) are still able to activate and implement rules, although as
you can see, my policy should drop everything, and yet I'm still able to use
the bridge.

eol,

Reed


reed wiedower
reed.wiedower@peyser.com
peyser.com
202.638.3730x115



| -----Original Message-----
| From: Reed Wiedower 
| Sent: Friday, January 10, 2003 6:11 PM
| To: 'netfilter@lists.netfilter.org'
| Subject: problem with FORWARD chain
| 
| 
| I'm setting up a simple bridge firewall, and I've managed to get the
| bridging working properly. However, every time I attempt to create a
| firewall rule to prevent packets from traversing the FORWARD chain, I notice
| that, at least according to "iptables -L -vX", no packets are going across
| that particular chain. Any idea why this might be happening? I can implement
| rules on both the INPUT and OUTPUT chains and they work as expected, but for
| some reason nothing will display on the FORWARD chain.
| 
| The bridging folks seem to think that it's an issue with iptables, not with
| the bridging code. Thanks in advance if anyone has seen this or knows how to
| deal with it.
| 
| 
| eol,
| 
| Reed
| 
| 
| reed wiedower
| reed.wiedower@peyser.com
| peyser.com
| 202.638.3730x115
| 
| 

