[NBLUG/talk] Linux as router

Osiris Pedroso opedroso at swoptimizer.com
Mon Nov 1 09:25:14 PST 2004


Good morning,

I have a Linux machine running with two NICs on it (+ the loopback
interface), which I would like to use as a firewall for my home network.

I would like to understand a bit more about iptables and wonder if any of
you could help me.

In IPTABLES, there are three main queues of packets, namely INPUT, FORWARD
and OUTPUT.

I believe:

*	INPUT and OUTPUT exist for both eth0 and eth1, but FORWARD is shared
between the two.
*	When testing packets in the INPUT queue, only the input interface
can be tested for, the output interface won't be set.
*	When testing packets in the OUTPUT queue, only the output interface
can be tested for, the input interface won't be set.
*	Unless "echo 1 > /proc/sys/net/ipv4/ip_forward" is executed, packets
will not be forwarded from one interface to the other.

One more related question:

*	Does TCPDUMP show only arriving packets or does it also show packets
being emitted from the interface being watched? Maybe I am using the wrong
tool to watch the traffic go by.

Thank you so much,

Osiris Pedroso

--

Ph: (707) 658-3500

AOL AIM: osirisPedroso

http://www.SWoptimizer.com <http://www.swoptimizer.com/> 
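
An added example, not part of the original post: a filter-table ruleset in iptables-restore format for the two-NIC setup the message describes, showing which interface matches apply in each built-in chain. The interface roles (eth0 to the Internet, eth1 to the LAN), the SSH rule and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): filter-table rules for a
# two-NIC Linux firewall, printed in iptables-restore format.
# Assumptions: eth0 faces the Internet, eth1 faces the home LAN, and SSH
# (tcp/22) from the LAN is the only service offered by the firewall itself.
# The built-in chains are global to the host; -i/-o select the interface.
WAN_IF="${WAN_IF:-eth0}"
LAN_IF="${LAN_IF:-eth1}"

# emit_ruleset WAN LAN: print the ruleset; nothing is applied to the kernel.
emit_ruleset() {
    wan="$1"; lan="$2"
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# INPUT sees packets addressed to the firewall itself: only -i is set.
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $lan -p tcp --dport 22 -j ACCEPT
# FORWARD sees packets routed through the box: both -i and -o are set.
-A FORWARD -i $lan -o $wan -j ACCEPT
-A FORWARD -i $wan -o $lan -m state --state ESTABLISHED,RELATED -j ACCEPT
# OUTPUT sees packets generated locally: only -o is set (policy ACCEPT here).
COMMIT
EOF
}

# forwarding_enabled [FILE]: true when the kernel routes between interfaces.
# FORWARD rules are never consulted while this sysctl is 0.
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

emit_ruleset "$WAN_IF" "$LAN_IF"
if forwarding_enabled; then
    echo "ip_forward=1: routed packets reach FORWARD" >&2
else
    echo "ip_forward is not 1: nothing is routed, FORWARD stays idle" >&2
fi
```

Piping the output to `iptables-restore --test` as root parses the ruleset without committing it.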

 

 
