Hey guys in linux box i have 2 interfaces when using the INPUT,FORWARD, and OUTPUT chains Do you have to specify the interfaces were packets come and go?

Technically you don't have to, but you most likely will if you are using a box that has more than one interface to it. Google "IPTables Tutorial" and select the first link. This will have everything you will ever want / need to know about IPTables.

HTH,

Centinul

yeah ive been reading that tutorial actually but i dont know if i missed or didnt undsertand something coz i cant find anything saying what interfaces should packets go when there going to leave the firewall. and thinking about it, i think thats the job a router, right? does iptables do the routing to?

Sometimes you'll want to specify that a rule only applies to packets coming into a certain interface. Other times you won't. For example, say I have a box with two interfaces, one for the LAN (let say it's eth0) and one for the WAN (let say it's eth1). I want to allow connections into my SSH daemon. I could do a:That would work, but it would allow people on both my LAN and WAN networks to connect. If I only want people on my LAN to connect, I need to specify the LAN interface:Now any packets which hit the WAN interface won't match this rule, and hence won't be sent to ACCEPT by it.

This is specified in your IP routing table. You can look at it with this command:

ok thank you everything is becoming clearer...