PREROUTING vs INPUT&FORWARD v iptables

Středa Prosinec 12 16:05:00 CET 2001

On Wed, Dec 12, 2001 at 02:31:50PM +0100, Ing. Pavel PaJaSoft Janousek wrote:
> 
> 	Na iptables nejsem expert, ale z logiky veci bych si dovolil
> pripomenout, ze ve forward (nebo nekde okolo'-)) muze dojit ke zmene SRC
> adresy => nevynechal bych pravidlo ani v POSTROUTING...
> 

Zahazovani paketu v POSTROUTINGu neni IMHO nutne, protoze paket se
spoofnutou adresou by nemel projit PREROUTINGem (FORWARDem).

-- 
/*     Miroslav Petricek           mirek na petricek.cz
       Brno, Czech Rep.            ICQ: 56183467
---- http://www.petricek.cz/ --------------------------
    It's entirely untested, but it looks good and
        compiles. Ship it!            - Linus Torvalds               */