|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] my first fw rules
|
>
> You will also need to specifically allow ICMP type 5 from your default
> gateway if you have any other routers on your network that route any other
> network segments. (Does that make sence?)
didnt know that. thanks for the info. Anyway i included the relevant
chains but with commented out for icmp #5 when I add other segments
(right now I only have 1 segment).
> Lastly, you may want to consider spliting up some or all of your rules in
> to their own table(s)/chain(s) and just have one rule in the INPUT table
> to send packets to the other table. This can allow easier control of
> various sections of the table by simply deleting/adding a single rule from
> the INPUT table while still keeping the ruleset in place for examimation.
> This will change your processing overhead. In some cases it can add
> overhead in others it can conserve it. YMMV.
Right now I'm writing it as simple as I can so when things get
more complicated I will surely split it.
thanksfor the feedbacks
jondz /epike
_________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion -- http://lists.netisland.net/mailman/listinfo/plug
|
|