Hi,
The ipchains HOWTO contains an example firewall configuration with
separate chains defined for each triple of source network, destination
network and direction. That is, there are chains "net-dmz", "dmz-net",
"net-int", "int-net", "int-dmz" and "dmz-int". Is there any really good
reason not to simply leave all of rules in the forward chain? What do you
gain by splitting the forward rules into so many separate chains?
Regards,
- yba
EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA ~. .~ TclTek Ltd.
=}-------------------------------------------------ooO--U--Ooo-----------{=
- [EMAIL PROTECTED] - tel: +972.52.670.353, http://www.tcltek.co.il -
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
