On Tue, Aug 12, 2003 at 11:51:42AM -0700, Daniel Chemko wrote: > Source field doesn't matter since traffic destined for the internal > (private) network will only pass through that chain if you define DNAT > rules for them. oh! ok. > The port 80 rule seems ok, but trusting something like that where a user > can change their IP's or use different port numbers, it is pretty light > security for anyone who knows what they are doing. Yes agreed. But I am counting on the users not knowing how to change the ips :) (Yes this is possible in my company). Thanks and bye. With warm regards, -Payal -- "Visit GNU/Linux Success Stories" http://payal.staticky.com Guest-Book Section Updated.
