> I would like to configure a box to forward only TCP and
> UDP packets associated with a MASQ session and I can't quite
> figure out a way to do it. I can open 61000:65096 to the world
> and MASQ works fine, but I would prefer to only let the ports with
> active sessions through the firewall. Can anyone tell me how to
> do this?
Replies to masqueraded packets pass the forwarding chain
automatically, so you can just configure the forwarding chain to
reject all inbound packets.
-- Glynn Clements <email@example.com>