[Techtalk] iptables rules for openvpn review, please
John Clarke
johnc+linuxchix at kirriwa.net
Wed Feb 28 03:28:01 UTC 2007
On Tue, Feb 27, 2007 at 07:14:52 -0800, Carla Schroder wrote:
Hi Carla,
> Yes. Death to NAT.
:-)
NAT's not that hard once you understand how iptables works. You just
have to make sure that your forwarding rules use the addresses before or
after NAT, depending upon which chain they're in and whether its SNAT or
DNAT.
You'll still make mistakes though; I do, often :-/ Logging + tcpdump
helps when you do.
> Thanks, that is very helpful!
You're welcome. Let me know if there's anything else I can do to help.
Cheers,
John
--
I was thinking about bolting them together with security screws and leaving
contact poison on the only compatible screwdriver in plain view. Subtlety
is important.
-- Peter da Silva
More information about the Techtalk
mailing list