LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 01-09-2003, 01:21 AM   #1
hardigunawan
Member
 
Registered: Dec 2001
Posts: 35

Rep: Reputation: 15
how packets traverse thru iptables chains?


As above. I'm confused with how the chains are traversed in iptables.

Let's say the Linux box has 3 NIC: eth0 for internet, eth1 for DMZ and eth2 for local LAN.

When a box in LAN trying to access a webserver in the internet, would the packet go through INPUT chain, as in the case of using ipchains? And what happen then?

Currently I believe it will go straight to FORWARD chain and then SNAT'ed in the POSTROUTING chain. So, there's no INPUT or OUTPUT chains involved.

Is this true? This is what I can grasp from IPTables Tutorial. But when I read some firewall examples, it filters the INPUT chain too...
 
Old 01-09-2003, 01:50 AM   #2
hardigunawan
Member
 
Registered: Dec 2001
Posts: 35

Original Poster
Rep: Reputation: 15
Hm... After another reading of the book Linux Firewall, seems that the correct path is NOT to traverse INPUT and OUTPUT chain when the packet is not to/from localhost (i.e. firewall itself).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
What's the latency of packets when using iptables? queezythegreat Linux - Security 1 04-11-2004 02:35 AM
iptables won't let packets in - check please? Simon Bridge Linux - Security 1 01-23-2004 09:26 PM
iptables FLOOD FLAGS and INVALID chains - need another module? MadCactus Linux - Security 3 11-19-2003 08:26 AM
iptables (Fragmented packets) qwijibow Linux - Security 2 09-02-2003 06:40 AM
Iptables letting packets through? mccomber Linux - Security 9 08-05-2003 07:13 AM


All times are GMT -5. The time now is 06:12 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration