Board index Unix Security

Using "ipchains -P forward DENY" instead of disabling ip-forwarding?

Using "ipchains -P forward DENY" instead of disabling ip-forwarding?

Post by Peter Eisenloh » Thu, 22 Jul 1999 04:00:00



Hi all,

ist there any difference (as seen from the outside) between
a) a host with ip_forwarding disabled and
b) a host with ip_forwarding enabled, but blocking all packets with
   the default-rule of the forwarding-chain set to DENY?

Background:
I have not been able to find a real FTP-Proxy for Linux. There is one
with the TIS firewall toolkit, which is not applicable for us. So it was
my
idea to use Linux' Masquerading functionality to do the ftp "proxying".
(caching is not required). Are there any major security drawbacks with
this
approach?

thanx for any hints,
  Peter

 
 
 
Top

1. mail forwarding problem with ".forward" file

I have a question about adding the ".forward" file in my unix user
directory.

I 'd like all incoming mails forwarded to another address temporarily whilst
I am away but I also want the machine to keep a copy of it for reference
when I return. Does anyone know how to do this? Normally I just put the
forwarding email address in the .forward file but it won't keep a copy of
it.

Thanks.

---
Benny K C Lo
PhD Candidate
Cancer Research Laboratories
University of Nottingham
Nottingham NG7 2RD, UK

2. IBM Token Ring 16/4 PCI 2

3. Local forwarding with "iptables" gives "invalid arguments"

4. why are mapped files SOOO slow?

5. I used "make install" instead of "make bzImage" is this bad?

6. data algebra with two files

7. Can grep be made using "and" instead of "or"

8. Setup Help

9. I used "make install" instead of "make bzImage" is this bad?

10. "weof" operation in "mt" command gives "permission denied"

11. GETSERVBYNAME()????????????????????"""""""""""""

12. About port Forwarding in Kernel 2.4.x using "iptables"

13. Using "/" .forward override with external email?


All times are UTC
Board index