[plug] forward rules
levsky at rave.iinet.net.au
levsky at rave.iinet.net.au
Sun Feb 23 21:29:09 WST 2003
On Sun, Feb 23, 2003 at 09:13:14PM +0800, Bernard Blackham wrote:
> In iptables (2.4 & 2.5 kernels), only packets destined for the
> machine go through INPUT. Only packets originating from the machine
> go through OUTPUT. Packets that are just passing through traverse
> the FORWARD chain. IP Masquerading and random packet mangling is
> performed in tables PREROUTING and POSTROUTING depending whether
> it's source mangling or ip masq (POSTROUTING), or destination
> (PREROUTING).
To be completely pedantic, you can actually mangle on any of the 5
hooks (PRE_ROUTING, LOCAL_IN, FORWARD, LOCAL_OUT or POST_ROUTING).
I've just finished converting the netfilter code over to c99 style
struct initialisers, and I can tell you, that makes for one
unbelievably massive struct initialiser - 230 lines of initialiser
for ipv4 and about 350 for ipv6. All for the one struct.
On a completely unrelated note - does anybody know anything about
the boot block and partition table format for those USB flash key
thingos? I've just bought a 128M one of them, (TwinMOS Mobile
Disk) but the only way to make it bootable is to run a supplied
Win98 program, which only installs Win98 and munts the partition
table to the point where linux can't read it any more. I'd like
to put something like a bigger version of Tom's rtboot on it, and
if someone else has already done it (google is no help), it'd
save me a whole lot of work working the formats out (presuming that
I'm capable of doing so :)
Cheers
Mark
--
Old MacDonald had a form
e_i ^ e_i = 0
More information about the plug
mailing list