by laurowyn
1049 days ago
So the equivalent of:

    iptables -N eth0toeth1
    iptables -A FORWARD -i eth0 -o eth1 -j eth0toeth1
    iptables -A eth0toeth1 -p tcp -m tcp --dport 80 -j ACCEPT
    # add any more rules
    # user-defined chains cannot take a -P policy, so the chain ends with an explicit DROP
    iptables -A eth0toeth1 -j DROP

Or, as you say, to avoid exponential combinations, just make a chain for each zone (interface) and explicitly allow specific protocols/ports to target interfaces. Zones with multiple interfaces are just multiple rules to jump to the same zone chain.
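The chain-per-zone layout described in the comment above, as an added example that is not part of the original comment: it prints the iptables commands rather than running them. The `emit_zone` and `emit_ruleset` helpers, the zone names, interfaces and ports are constructed for illustration, and the sketch assumes return traffic is accepted elsewhere in FORWARD.

```shell
#!/bin/sh
# Prints (does not execute) iptables commands for a one-chain-per-source-zone
# layout. Zone names, interfaces and ports are constructed sample values.

# emit_zone ZONE "IN_IFACES" "ALLOWS"
#   IN_IFACES: space-separated interfaces that belong to the zone
#   ALLOWS:    space-separated out_iface:proto:dport triples
emit_zone() {
    zone=$1; in_ifaces=$2; allows=$3
    chain="zone_${zone}"

    echo "iptables -N ${chain}"
    # Every interface in the zone jumps to the same chain.
    for ifc in $in_ifaces; do
        echo "iptables -A FORWARD -i ${ifc} -j ${chain}"
    done
    # Explicit allows, keyed on the target interface.
    for a in $allows; do
        out=${a%%:*}; rest=${a#*:}
        proto=${rest%%:*}; port=${rest#*:}
        case "$proto" in tcp|udp) ;; *) echo "bad proto: $a" >&2; return 1 ;; esac
        case "$port" in ''|*[!0-9]*) echo "bad port: $a" >&2; return 1 ;; esac
        echo "iptables -A ${chain} -o ${out} -p ${proto} -m ${proto} --dport ${port} -j ACCEPT"
    done
    # User-defined chains have no policy; a final DROP acts as the default.
    echo "iptables -A ${chain} -j DROP"
}

# Two sample zones: "lan" spans two interfaces, "dmz" has one.
emit_ruleset() {
    emit_zone lan "eth0 eth2" "eth1:tcp:80 eth1:tcp:443 eth3:udp:53" || return 1
    emit_zone dmz "eth3" "eth1:tcp:443" || return 1
}

emit_ruleset
```

The rule count grows with the number of zones plus the number of allow entries, instead of one chain per interface pair.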