NAT Output
Michael Walter
walterm@Gliatech.com
Fri, 22 Jun 2001 13:41:56 -0400

Hello All,
Ran into some strange behavior on my firewall today and thought I would
share with the group and solicit comments. Ok, I have a reasonably secure
firewall (default policies on ALL tables and chains are drop). System is
stock RedHat 7.1 kernel 2.4.2-2 single processor. Now the strange part. I
noticed while setting up some local services on the firewall itself
(specifically Samba, I know the security implications) that UDP packets
generated from the firewall itself traverse the NAT Output chain. However,
TCP packets generated from the firewall itself do NOT traverse the NAT
Output chain. I am not doing any type of NAT on any of these packets, and
haven't found anything in the HOWTOs that describes this behavior. Is this
specific to RedHat, myself, or Netfilter? If Netfilter, is it by design or
a bug?

Thanks,
Michael J. Walter
rhce mcdba mcse+i a+
Network Administrator
Gliatech, Inc.
23420 Commerce Park Rd.
Beachwood, Ohio 44122
Tel: (216) 831-3200
Email: walterm@gliatech.com