Re: question about table filter, nat and mangle with chain default policy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


--- On Sun, 4/12/09, Mart Frauenlob <mart.frauenlob@xxxxxxxxx> wrote:

From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
Subject: Re: question about table filter, nat and mangle with chain default policy
To: netfilter@xxxxxxxxxxxxxxx
Date: Sunday, April 12, 2009, 7:11 AM

>   
> Don't set the policy to DROP in mangle and nat table.
> Put the drop policy only in filter table.

> greets

> Mart

thanks for your help, but why i can't set policy DROPT in mangle and nat table?
is the mangle and nat table share chain with filter table or why?

because as i remember process from INPUT will not pass the rule for OUTPUT and FORWARD

it's right or i have wrong from understand the iptables rule?

thx again...


      

--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux