> > Linux 2.4 netfilter:
> >
> > Incoming Outgoing
> > interface interface
> > ----+------------------- FORWARD -----------------+------->
> > | ^
> > v |
> > INPUT -------------> Application -----------> OUTPUT
> >
> > The names in capitals are the names of the tables. You can control
> > packets that the local machine sees completely independently of what
> > gets routed through the machine with a kernel supporting iptables
> > by adding the appropriate rules to the input and forward tables.
>
> Hmm. This would seem to be false in the RH 7.2 kernel 2.4.9-21
> kernel I'm working with.
>
> My IP masquerading rule (which claims to be in the "forward"
> chain, with target "MASQ"), was blocked when I did input address
> masking.
>
> I.e. Yes, I actually tested this before posting.
>
> If you're calling it a bug, then so be it. But the result would be
> a bit better than how my Linux system works now.
Whoops, I am apparently using "ipchains" and not "iptables", and
didn't note the distinction.
Sorry about the spurious bug report here. :/
--
Erich Stefan Boleyn <erich@uruk.org> http://www.uruk.org/
"Reality is truly stranger than fiction; Probably why fiction is so popular"
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/