Filtering all packets?
Sat, 6 Oct 2001 21:49:03 +0100 (BST)
Is there a clean way to guarantee that all packets are
passing through a ruleset?
With ipchains it was nice to know that everything went
via the input and output chains.
With iptables, it seems that I have to add rules to
PREROUTING and POSTROUTING _if NAT is configured_, and
to INPUT and FORWARD, or FORWARD and OUTPUT otherwise.
Is there an easier way to do this?
Otherwise, is there any chance that iptables might gain
"FROM-IFACE" and "TO-IFACE" chains in its standard