[plug] Iptables Help - UDP
Russell Steicke
r.steicke at bom.gov.au
Fri Feb 4 14:53:29 WST 2005
On Fri, Feb 04, 2005 at 02:38:23PM +0800, Cameron Patrick wrote:
> Russell Steicke wrote:
>
> > Without reading through all your iptables rules, I guess that you'd
> > need (at least) a rule like this:
> >
> > iptables -A INPUT -i eth0 -p udp --dport 500 -j ACCEPT
>
> FORWARD, not INPUT, yeah? Unless you're running the VPN client on the
> gateway machine (which is what I prefer to do) so that all machines on
> the internal network can see the VPN without extra hassle. This does
> make the iptables rules and routing tables more "fun". However, I did
> learn a lot about TCP/IP in the process :)
Ooh, yes, you're right. Packets go through only one of INPUT, FORWARD
and OUTPUT.
--
Russell Steicke
-- Fortune says:
When a woman marries again it is because she detested her first husband.
When a man marries again, it is because he adored his first wife.
-- Oscar Wilde
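
An added example (not part of the original post or the thread): a shell check over `iptables-save` output that reports whether a UDP port 500 ACCEPT rule sits in the filter chain an inbound packet actually traverses. The sample ruleset, the addresses and the function names are constructed for illustration, and the check assumes no DNAT and no user-defined chains.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (not taken from the thread).
# 192.0.2.1 and 10.0.0.1 are assumed addresses of the gateway itself.
SAMPLE_RULES='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i eth0 -p udp -m udp --dport 500 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT'

# chain_for_inbound DST LOCAL_ADDR...
# An inbound packet hits INPUT if DST is a local address, otherwise FORWARD.
chain_for_inbound() {
    dst=$1; shift
    for addr in "$@"; do
        if [ "$dst" = "$addr" ]; then echo INPUT; return 0; fi
    done
    echo FORWARD
}

# chains_accepting_udp PORT
# Reads iptables-save text on stdin; prints the chains that hold an
# ACCEPT rule for UDP destination port PORT, space separated.
chains_accepting_udp() {
    awk -v port="$1" '
        $1 == "-A" {
            proto = ""; dport = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p") proto = $(i + 1)
                if ($i == "--dport") dport = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            if (proto == "udp" && dport == port && target == "ACCEPT") print $2
        }' | sort -u | tr '\n' ' ' | sed 's/ $//'
}

# check_udp_rule PORT DST LOCAL_ADDR...   (ruleset on stdin)
check_udp_rule() {
    port=$1; dst=$2; shift 2
    need=$(chain_for_inbound "$dst" "$@")
    have=$(chains_accepting_udp "$port")
    case " $have " in
        *" $need "*) echo "ok: $need accepts udp/$port" ;;
        *) echo "miss: packet traverses $need, rule found in: ${have:-none}" ;;
    esac
}

# VPN client at 10.0.0.23 sits behind the gateway, so the packet is forwarded.
printf '%s\n' "$SAMPLE_RULES" | check_udp_rule 500 10.0.0.23 192.0.2.1 10.0.0.1
```

On a live gateway the same functions can be fed from `iptables-save` instead of the constructed sample.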