Hi,
I think I've asked this before here, but I don't remember what the answer was.
If I have iptables running and I do a tcpdump -i eth0, at what point is tcpdump listening to the connection?
I'm trying to troubleshoot my firewall, but am not seeing the right behaviour as the packets that I'm trying to block by the following command:
$IPTABLES -A FORWARD -i eth1 -p tcp \
    -d 192.168.7.1 -j DROP
But I still get tcp packets going to 192.168.7.1.
And wouldn't:
$IPTABLES -A FORWARD -i eth1 -p tcp \
    -s 192.168.7.1 -j DROP
in effect disable all access to the internet for machine IP 192.168.7.1?
But my main query is about the relationship between the packets that TCPDUMP sees and where the packets are within the packet filtering process.
Thanks