[Shorewall-users] routeback

Tom Eastep teastep at shorewall.net
Thu Oct 23 16:20:28 PDT 2003


On Thu, 2003-10-23 at 13:18, Nerijus Baliunas wrote:
> On Thu, 23 Oct 2003 13:00:16 -0700 Tom Eastep <teastep at shorewall.net> wrote:
> 
> > > BTW, is it dangerous to enable routeback? Should I better use some
> > > user space port redirector for this purpose?
> > 
> > You might want to add a 'net net DROP' policy. That way, the only
> > net->net traffic through your firewall will be what you allow by rules.
> 
> I have the policy
> net             all             DROP
> is it enough?

Yes.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net




More information about the Shorewall-users mailing list