[ale] next stupid ipchains question

Joe Knapka jknapka at earthlink.net
Thu Sep 7 00:05:35 EDT 2000


If you want to simply accept the packet, use "-j ACCEPT". You
must do one of ACCEPT, DENY, REJECT, or MASQ in order to
decide the packet's fate. By removing the "-j MASQ" you
effectively said, "let further rules handle this packet."

-- Joe

Wandered Inn wrote:
> 
> Martin Modahl wrote:
> >
> > You want the vpn masquerading howto. You need to masq some extra protocols
> > and all that jazz.
> 
> Yeah, I've got those goods including the ipsec mods for the kernel.  I
> guess what I need to do is revisit my chains on both machines to see if
> I've missed something.
> 
> >
> > You definately still need the -j MASQ.
> 
> Well, I know I want to masq stuff that's going from my internal networks
> out to the internet, but it shouldn't be necessary to masq it between my
> two subnets.

*** Joseph Knapka ***
In any formula, constants (especially those obtained from handbooks)
are to be treated as variables.
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.





More information about the Ale mailing list