On Fri, 3 May 2002, Eric B Kiser wrote: > Very interesting, Tom... Thanks for taking the time to get into more detail. > > I have modified my rules back to your original suggestion, however, I still > have one question. > > [snip] > In order for either of rules [2] to have been invoked, the ORIGINAL > destination IP would have had to have been in your local network; clearly > that is never going to be the case (my point from the last post). You may > as well remove the rules since they will never do anything. > [end snip] > > These rules did do "something". They made it possible for me to bring up the > tunnel. I understand the importance of doing it as per your example, I > changed my rules accordingly. If I understand you correctly, based on the > snip above, my rules shouldn't have worked at all? >
No -- the two rules you added had NO EFFECT WHATSOEVER on the outcome. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] _______________________________________________________________ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
