[ale] next stupid ipchains question
Joe Knapka
jknapka at earthlink.net
Thu Sep 7 00:05:35 EDT 2000
If you want to simply accept the packet, use "-j ACCEPT". You
must do one of ACCEPT, DENY, REJECT, or MASQ in order to
decide the packet's fate. By removing the "-j MASQ" you
effectively said, "let further rules handle this packet."
-- Joe
Wandered Inn wrote:
>
> Martin Modahl wrote:
> >
> > You want the vpn masquerading howto. You need to masq some extra protocols
> > and all that jazz.
>
> Yeah, I've got those goods including the ipsec mods for the kernel. I
> guess what I need to do is revisit my chains on both machines to see if
> I've missed something.
>
> >
> > You definately still need the -j MASQ.
>
> Well, I know I want to masq stuff that's going from my internal networks
> out to the internet, but it shouldn't be necessary to masq it between my
> two subnets.
*** Joseph Knapka ***
In any formula, constants (especially those obtained from handbooks)
are to be treated as variables.
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
More information about the Ale
mailing list