MASQUERADE and ACCEPT targets

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

All ,

     R1)   iptables -t nat -I POSTROUTING -o eth0 -m state --state
ESTABLISHED,RELATED -j ACCEPT
     R2)   iptables -t nat -A POSTROUTING   -o eth0 -j MASQERADE


                                        machine "B"
                                     ------------------------------------------
                                     |                                        |
                                     |                                        |
machine "A"   ------> eth0 |
|eth1----------------------------------------> internet
                                     |                                        |
                                     |                                        |
                                     ------------------------------------------

 I applied rules R2 and i am able to browse internet from machine A .

 1. Is there any problem if i apply R1 ?
 2. if packet state become ESTABLISHED ( not a new packet ) , do we
need MASQERADE target for remaing packets ???

Thanks,
Ratheesh
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux