Stephen J. McCracken
smccracken at hcjb.org.ec
Fri Apr 22 15:54:05 CEST 2005
Jason Opperisano wrote:
> On Mon, Apr 18, 2005 at 07:37:22AM +0200, Brent Clark wrote:
>>I was wondering, if was adviseable to set the default policy for tables
>>nat and mangle to DROP.
> no. *all* packets traverse the filter chains--do your filtering
Just to better understand, don't all packets also pass the mangle table
and only the first packet of a connection the nat table?
Thanks for your enlightenment...
More information about the netfilter