Re: FORWARD question

Nick wrote:

Now I really start getting it ! Thanks again Antony
:-), and again, and again, and...

Thanks for the link. I had read that tutorial but
obviously reading it was not enough. Now when I
actually start using it I begin to understand the
theory. It's cool, I like it...

So, basically when I FORWARD FTP requests to the FTP
server I don't need INPUT, unless the server is on the
routing machine. INPUT is being used only for the
routing machine.


Keep in mind that without putting any rules on the INPUT chain your firewall box is either totally open or totally closed (i.e. iptables -t filter -P INPUT ACCEPT or DROP). Generally you need rules on both the INPUT and FORWARD chains although the rules will be somewhat different. Take a look at Oskar's sample scripts.

I guess if I wanted to set up a firewall on the FTP
machine, then I would use INPUT on that machine.



Yes, but you probably ought to anyway.


OK, I'll experiment with it :-)

P.S. I read the correction. Now I understand enough to
realize that it was only a typ ;-)


Indeed. Antony, screw up like that again and I'll have to fire you!! ;-)

Jeff
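
As an added illustration of the point above about needing rules on both the INPUT and FORWARD chains (not part of the original message, and not one of Oskar's sample scripts): a shell function that emits an iptables-restore ruleset for a routing firewall in front of an FTP server. The function names, the addresses and the SSH admin rule are assumptions made for the example.

```shell
#!/bin/sh
# Added example. emit_rules and chain_rule_count are hypothetical helper names;
# the addresses used below are constructed documentation-range values.

# emit_rules FTP_SERVER ADMIN_NET
# Prints an iptables-restore ruleset for a box that routes FTP to FTP_SERVER.
emit_rules() {
    ftp_server=$1
    admin_net=$2
    cat <<EOF
*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Attach the FTP conntrack helper so data connections are seen as RELATED.
-A PREROUTING -p tcp --dport 21 -j CT --helper ftp
COMMIT
*filter
# Policies decide the fate of anything no rule matches: default-deny here.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# INPUT: packets addressed to the firewall box itself.
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s ${admin_net} -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
# FORWARD: packets routed through the box to another host.
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -d ${ftp_server} -p tcp --dport 21 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# chain_rule_count CHAIN FTP_SERVER ADMIN_NET
# Counts the rules appended to CHAIN in the generated ruleset.
chain_rule_count() {
    emit_rules "$2" "$3" | grep -c "^-A $1 "
}

# To syntax-check without loading (needs root and the nf_conntrack_ftp module):
#   emit_rules 192.0.2.10 198.51.100.0/24 | iptables-restore --test
```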


