On Monday 02 August 2004 8:50 pm, Eric Ellis wrote:

> Antony Stone wrote:
> >
> > My recommendation is to put a LOG rule at the end of each chain, just
> > before the default DROP policy takes effect, and you'll see what packets
> > are getting that far and then being lost.
>
> Now here's something interesting that I discovered when you mentioned
> it...
>
> It appears that all of my HTTP packets are making it through the chains
> without being picked up by my redirect rule. The same appears to be
> happening with mail. I put the LOG at the end of the 3 filter tables,
> In, Out, and FWD, so assuming that it's line by line filtering (e.g., runs
> until a rule catches it), my packet is making it through the chains
> without being caught. Any suggestions on what could cause that?

Yes. You have no FORWARD rule allowing packets to TCP port 80 (well, you do, but it's commented out...).

Regards,

Antony.

-- 
Bill Gates has personally assured the Spanish Academy that he will never allow
the upside-down question mark to disappear from Microsoft word-processing
programs, which must be reassuring for millions of Spanish-speaking people,
though just a piddling afterthought as far as he's concerned.

 - Lynne Truss, "Eats, Shoots and Leaves"

Please reply to the list; please don't CC me.
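
The diagnostic approach discussed in this thread, as an added example that is not part of the original messages: it prints the commands that append a LOG rule as the last rule of each filter chain, then summarises the resulting kernel log lines by chain, protocol and destination port. The `*-DROP: ` prefixes, the function names, the sample log lines and port 25 for mail are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Nothing here changes the firewall:
# log_rules only prints commands, for review before running them as root.

# Print one LOG rule per built-in filter chain. Appended with -A, each rule
# becomes the last rule in its chain, so it only sees packets that no earlier
# rule matched and that are about to hit the default DROP policy.
log_rules() {
    for chain in INPUT OUTPUT FORWARD; do
        printf 'iptables -A %s -j LOG --log-prefix "%s-DROP: " --log-level 4\n' \
            "$chain" "$chain"
    done
}

# Read kernel log lines on stdin and count them per prefix and PROTO/DPT,
# most frequent first. Lines without one of our prefixes are ignored.
summarise() {
    awk '{
        prefix = ""; proto = ""; dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /-DROP:$/)      prefix = $i
            else if ($i ~ /^PROTO=/) proto = substr($i, 7)
            else if ($i ~ /^DPT=/)   dpt = substr($i, 5)
        }
        if (prefix != "") count[prefix " " proto "/" dpt]++
    }
    END { for (k in count) print count[k], k }' | sort -rn
}

# Constructed sample of what the LOG target writes (addresses are
# documentation ranges, not values from the thread).
sample_log() {
    cat <<'EOF'
Aug  2 20:41:07 fw kernel: FORWARD-DROP: IN=eth0 OUT=eth1 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=63 ID=4321 DF PROTO=TCP SPT=40112 DPT=80 WINDOW=5840 SYN URGP=0
Aug  2 20:41:10 fw kernel: FORWARD-DROP: IN=eth0 OUT=eth1 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=63 ID=4322 DF PROTO=TCP SPT=40112 DPT=80 WINDOW=5840 SYN URGP=0
Aug  2 20:42:31 fw kernel: FORWARD-DROP: IN=eth0 OUT=eth1 SRC=203.0.113.9 DST=192.0.2.11 LEN=60 TTL=63 ID=9001 DF PROTO=TCP SPT=51877 DPT=25 WINDOW=5840 SYN URGP=0
Aug  2 20:43:02 fw kernel: eth0: link up
EOF
}

log_rules
sample_log | summarise
```

A summary dominated by `FORWARD-DROP: TCP/80` is the situation described in the reply: the packets traverse FORWARD and reach its end because no rule there accepts them.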