[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfilter
Subject: in what interface should i put pass in and pass out?
From: "T X" <me_aa () hotmail ! com>
Date: 2007-03-24 10:47:05
Message-ID: BAY104-F18F9F8D92CA806004257AB98690 () phx ! gbl
[Download RAW message or body]
Hey all,
I have read the basic docs and faq for the ip filter but i wasn't able to
figure out an answer for the following two.. Anyone to help me?
1) does a "block all" cover me from block in all and block out all? is in
and out mandatory or optional using the ipfilter?
2) i am trying to use ipfilter in a linux machine with two interfaces. lets
say that eth1 is going to the Internet and eth0 to my local lan. I am
thinking to put some rules on my eth1 with the pass in command so that i can
block/allow requests from clients to my server inside the lan. where should
i put the rules for server's reply to the clients? Would it be better to use
a pass in rule to my eth0 interface or a pass out rule to my eth1 interface
and why?
a little sketch would be like this
server----------eth0[ipfilter]eth1--------[router]-----internet..
Many many thanks!
Tim
ps. when i pass in a packet from the eth1 should i explicitly pass it out on
the eth0 so that it will be forwarded to my lan? this qestions also applies
the other way arount...
_________________________________________________________________
Don't just search. Find. Check out the new MSN Search!
http://search.msn.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic