On Sat, Jun 15, 2002 at 04:17:28AM -0700, mammoz mammox wrote:
> [root@firewall /root]# ipchains -L
> Chain input (policy ACCEPT):
> target prot opt source destination ports
> ACCEPT all ------ anywhere anywhere n/a
> Chain forward (policy ACCEPT):
> target prot opt source destination ports
> MASQ all ------ anywhere anywhere n/a
> MASQ all ------ 192.168.1.0/24 anywhere n/a
Se usi una regola "bidirezionale", come questa:
/sbin/ipchains -A forward -b -s 10.19.1.0/24 -d 0.0.0.0/0 -j MASQ
il risultato sara` questo:
MASQ all ------ 10.19.1.0/24 0.0.0.0/0 n/a
MASQ all ------ 0.0.0.0/0 10.19.1.0/24 n/a
che ha piu` senso.
--
Nando Santagata: Telemastica & infornatica
Key fingerprint = 1054 9311 458D 4BAA E97B F447 7CD4 54B5 0208 F815
finger nandos (at) mail (dot) ipers (dot) net for my GPG public key
NANDO: Networked Artificial Neohuman Designed for Observation
|