match by originator interface
Rob Collins
robtompc@yahoo.com
Thu, 4 Oct 2001 07:39:09 -0700 (PDT)
iptables -A FORWARD -i eth1 -m state \
--state ESTABLISHED,RELATED
will match incoming packets who are already a part of
an established connection. So, if your rules further
only allow '-i eth0 -m state --state NEW' to go
through, and your rules do not allow the firewall
itself to originate outbound connections, the rule
fits your requirements.
Nelson:
-=-=-=-
Is there any way i can write a rule to match a packet
on interface
eth1 only if it belongs to a connection that was
originates through
interface
eth0?
Best Regards,
Nelson Escravana
=====
--r
"Experience is that marvelous thing that enables you to recognize a mistake when you make it again." -- F. P. Jones
__________________________________________________
Do You Yahoo!?
NEW from Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month.
http://geocities.yahoo.com/ps/info1