On 2011.04.12. 22:18, Hofferek Attila wrote: > -A FORWARD -d 192.168.122.0/255.255.255.0 -o virbr0 -m state --state RELATED,ESTABLISHED -j ACCEPT > -A FORWARD -s 192.168.122.0/255.255.255.0 -i virbr0 -j ACCEPT > -A FORWARD -i virbr0 -o virbr0 -j ACCEPT > -A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable > -A PREROUTING -i eth0 -p tcp -m tcp --dport 2222 -j DNAT > --to-destination 192.168.122.2:22
Mint ahogy mar Moczik Gabor is irta, hianyzik a FORWARD-bol az engedelyezes. Az elso FORWARD csak a meglevo kapcsolatokat engedi, az ujakat nem, raadasul kesobb mindent eldobsz. IroNiQ -- System Administrator Member of Frugalware Developer Team _________________________________________________ linux lista - linux@mlf.linux.rulez.org http://mlf2.linux.rulez.org/mailman/listinfo/linux
