|
I'm not absolutely certain, but I don't believe it will.
There are three built-in chains in the FILTER table: INPUT, FORWARD, and OUTPUT. From the description in the man page (man iptables), it seems pretty clear that it distiguishes between packets aimed at the box (INPUT) and packets just passing through (FORWARD).
Two comments:
What's the "-d ! 192.168.0.1" for? Because of the stuff I just mentioned, I don't think the FORWARD rule would ever see such a packet, but I don't see any harm in leaving the possibility that it might route something to itself. (Actually, I just thought of something. I'm making a (possibly unwarranted) assumption that the box these rules are for is 192.168.0.1. If it's not, ignore this.)
Second, you might want to change the "-I" to "-A". "-I" stands for insert, and it will insert the rule at the top of the chain. This means the last rule you have pertaining to a particular chain will be the first one checked (and the second-to-last will be the second checked, and so on until if finally gets to the first rule.)
Most people use "-A" (for append) so that the rules get added to the chain in the same order that they are in the iptables file. If you like RPN logic, there's nothing wrong with using the "-I", but I wanted to make sure you knew what it was doing.
Hope this helps,
CHL
|
