FC3 problem with ip_forward / masquerade : no more DNS resolution
Alexander Dalloz
ad+lists at uni-x.org
Fri Nov 12 19:05:41 UTC 2004
Am Fr, den 12.11.2004 schrieb Pierre-Yves Berger um 17:40:
> So, I added a rule in iptables that says
>
> -A RH-Firewall-1-INPUT -i eth1 -j ACCEPT
>
> at the beginning of the RH-Firewall-1-INPUT chain and I have again
> access to the world :-)
>
> Is there a better way to do this ?
>
> I may add that this is my home network with 2 Macs and a Linux system
> and users are not
> a security risk, at least not deliberately.
>
> Pierre-Yves
I would say this rule is ok for your environment. Of course your could
be more restrictive if you feel you need to protected the NATed clients.
Though you are not running a system from Seattle :)
Alexander
--
Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.8-1.521smp
Serendipity 20:05:34 up 23 days, 17:45, load average: 0.18, 0.31, 0.28
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20041112/7d0d5faf/attachment-0001.sig>
More information about the fedora-list
mailing list