IPTABLES problem
Rusty Russell
rusty@linuxcare.com.au
Thu, 27 Apr 2000 19:31:58 +0930
In message <200004250554.e3P5sfR03609@vindaloo.ras.ucalgary.ca> you write:
> Rusty Russell writes:
> > As the default is DENY. This is changing, as I've had too much EMail
> > about it 8).
>
> Ouch! That will open a window unless people know about the change :-(
All the more reason to do it now before we're stuck with a stable
kernel.
In practice, however, there's not much of an issue. All my examples
(and all the scripts I've seen) enable forwarding in /proc as the very
last thing anyway.
The only people who will lose are those who do it in the other order:
# echo 1 > /proc/sys/net/ipv4/ip_forward
# ... setup firewall rules assuming DROP policy ...
Rusty.
--
Hacking time.