Christoph Paasch wrote: > Hi, > > On Fri January 30 2009, Hinko Kocevar wrote: >> Hi all, >> >> Is it possible to 'port forward' ICMP requests? > You can match the protocol on ICMP packets with -p icmp and let the port- > specific stuff out of it, as ICMP doesn't uses portnumbers. But the problem will > be, that your external machine won't be reachable for icmp packets. (as every > icmp packets will get forwarded) It may be ennoying if MTU or ping packets > doesn't reach anymore your machine. That depends on the usage of your gateway. > Yes, that is what I was afraid of. I think that gateway should still remain available for ICMP echo-reply from external network. Thank you! -- Hinko Kočevar, OSS developer ČETRTA POT, d.o.o. Planina 3, 4000 Kranj, SI EU tel ++386 (0) 4 280 66 03 e-mail hinko.kocevar@xxxxxxxxxxxx http www.cetrtapot.si -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
