----- Original Message -----
From: "Spiro Azkoul" <spiro@xxxxxxxxxxx>
To: <netfilter@xxxxxxxxxxxxxxxxxxx>
Sent: Sunday, June 13, 2004 8:59 PM
Subject: RE: IPs blocked still able to connect

> Hello,
>
> You should be able to "man iptables"
>
> -> I did, got the info I needed. Thanks.
> I also transferred all my -A rules to -I and an iptables -L INPUT now shows
> priority to the -I rules, which basically should not block any traffic to my
> server.
>
> On the other hand, I have a couple more questions:
>
> 1- If I have 2 NIC cards, eth0 and eth1, without any kind of NATing
> involved, as I am simply using the private interface for backup jobs, local
> SSH and so forth, should I worry about the FORWARD chain? There is no
> routing between the 2 interfaces nor do I need there to be, so I assumed so far
> that my INPUT/OUTPUT rules will apply to the public interface without having
> to go the extra step of specifying it.

There's no explicit need for NAT to pass traffic between two interfaces. Without any NAT rule, if you've turned on ip_forwarding and the FORWARD chain is ACCEPT, traffic will flow between interfaces.

> 2- Is there a way to build a text file and have IPTABLES pull from it
> periodically? I know this could be done in Perl, but has anyone tried to do
> it with a simple cron job?

The output of iptables-save could help?

> Thanks
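
For question 2 in the message above, an added example (not from either poster): a cron-friendly script that turns a plain-text address list into the format iptables-save emits and loads it with iptables-restore. The `BLOCKLIST` chain name, the file paths and the sample addresses are assumptions.

```shell
#!/bin/sh
# Added example. Chain name, paths and sample addresses are assumptions.
# One-time setup by hand: iptables -N BLOCKLIST; iptables -I INPUT -j BLOCKLIST
CHAIN=BLOCKLIST

# Accept only dotted-quad IPv4 with an optional /0-32 prefix, so a line in
# the text file can never smuggle extra iptables options into the ruleset.
valid_ipv4() {
    echo "$1" | awk -F'[./]' '
        !/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(\/[0-9]+)?$/ { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i > 255) exit 1
          if (NF == 5 && $5 > 32) exit 1 }'
}

# $1 = blocklist file: one address per line, '#' starts a comment.
# Prints iptables-restore input that describes only the $CHAIN chain.
build_ruleset() {
    echo "*filter"
    echo ":$CHAIN - [0:0]"
    sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d' "$1" | sort -u |
    while read -r addr; do
        if valid_ipv4 "$addr"; then
            echo "-A $CHAIN -s $addr -j DROP"
        else
            echo "skipping invalid entry: $addr" >&2
        fi
    done
    echo "COMMIT"
}

# Constructed sample input (documentation address ranges, one bad entry).
sample_blocklist() {
    cat <<'EOF'
192.0.2.10
198.51.100.7
203.0.113.0/24
198.51.100.7   # duplicate
999.1.1.1
EOF
}

# $1 = blocklist file, $2 = where to write the generated ruleset.
# --test parses without committing; --noflush keeps the table's other chains.
apply_ruleset() {
    build_ruleset "$1" > "$2" &&
    iptables-restore --test --noflush < "$2" &&
    iptables-restore --noflush < "$2"
}
# Cron entry point (root): blocklist.sh /etc/blocklist.txt /var/run/blocklist.rules
if [ "$#" -eq 2 ]; then apply_ruleset "$1" "$2"; fi
```

Keeping the list in its own chain means the periodic reload never touches the hand-written INPUT rules.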