flaw with forwarding
Thu, 25 Nov 1999 14:22:49 +1100
I think I may have found a flaw in netfilter with regard to forwarding.
The system I'm using is a fresh installation of Red Hat 6.1 with the kernel
upgraded to 2.3.25 and netfilter 0.1.12.
The test setup is...
pc1 ---------- netfilter ------- the world
After booting and insmod-ing iptables, I change the policies as follows
and no NAT.
With this setup, however, packets are still being forwarded. Is this a
flaw in my logic or in netfilter? I would have thought that the packet
wouldn't have been let in the Ethernet interfaces to be forwarded. I refer
you to the diagram from netfilter-hacking-HOWTO.txt:
A Packet Traversing the Netfilter System: