Re: Default deny rule


 



Hi,

Gopinath wrote:
> Hi,
>
> My objective is to replace my existing firewall with a Linux firewall.
> We have point to point connectivity through VSAT with one of our
> customers. The only major thing which the firewall needs to do is STATIC
> NAT. As you may see, since this is a point to point connectivity, all the
> IPs employed are private IPs. While checking the f/w in simulation
> mode, things were working fine (except default denying). I already
> tried to achieve DEFAULT DENY by changing the default behaviour of
> FORWARD policy to DROP by issuing the command "iptables -P FORWARD
> DROP". But when I do this all the traffic was getting dropped. So

If EVERYTHING is dropped then your rules do not get hit by the traffic. (Your rules are wrong.)
Try to capture the traffic. Maybe you can find the problem.

> again I tried by appending a policy in forward chain (last rule) to

(policy is always the last rule... :D )

> drop all the packets by default. But even this didn't work out. Hope
> you can understand my requirement & how I do the NATTing from my
> previous mail.
>
> Even though I have worked a bit with iptables before, I am a beginner
> in building a Linux firewall with iptables :-)
>
> Cheers :)
> Gopinath.U

Swifty
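
An illustration added here, not taken from either poster's mail (the original rules are not on this page): a static-NAT ruleset with a default-deny FORWARD policy. The FORWARD rules match the real internal address, because DNAT in PREROUTING has already rewritten the destination and SNAT in POSTROUTING has not yet rewritten the source, and a rate-limited LOG rule shows what falls through to the policy. The interface names and both addresses are constructed assumptions.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for static NAT with a
# default-deny FORWARD policy. All names and addresses below are constructed.
EXT_IF=eth0            # assumed: interface facing the VSAT link
INT_IF=eth1            # assumed: interface facing the internal LAN
MAPPED_IP=10.1.1.10    # assumed: address the remote site connects to
REAL_IP=192.168.1.10   # assumed: real internal host behind the static NAT

build_ruleset() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i $EXT_IF -d $MAPPED_IP -j DNAT --to-destination $REAL_IP
-A POSTROUTING -o $EXT_IF -s $REAL_IP -j SNAT --to-source $MAPPED_IP
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $EXT_IF -o $INT_IF -d $REAL_IP -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -i $INT_IF -o $EXT_IF -s $REAL_IP -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -m limit --limit 5/min -j LOG --log-prefix "FWD-DROP: "
COMMIT
EOF
}

# "check" parses the ruleset without loading it; "apply" loads it (root needed).
# With no argument the script only defines build_ruleset and changes nothing.
case "${1:-}" in
  check) build_ruleset | iptables-restore --test ;;
  apply) build_ruleset | iptables-restore ;;
esac
```

Packets that reach the LOG rule appear in the kernel log with the `FWD-DROP: ` prefix, and `iptables -L FORWARD -v -n` shows per-rule packet counters, so a rule that never matches is visible as a zero count.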



