Tomato firewall with routed /27

Discussion in 'Tomato Firmware' started by pteron, Jan 15, 2008.

  1. pteron

    pteron LI Guru Member

    Hi all,

    I'm using Tomato on my network, which is a routed /27 - there doesn't appear to be much firewall action going on!

    If I look at the iptables output (iptables -L -v) there doesn't appear to be any filtering going on in the FORWARD chain. Now my reading of the iptables tutorial indicates that all packets destined for another machine should be filtered in the FORWARD chain rather than the INPUT chain. I assume that most people use it in NAT mode, and all packets go through INPUT and get filtered first.

    Can anyone confirm if this is a correct understanding?

  2. mstombs

    mstombs Network Guru Member

    In NAT mode there's a lot going on in PREROUTING:

    iptables -t nat -L -vn

    INPUT only restricts access to the router itself AFAIK.

    Don't know about plain router mode - guess it's up to you to use the scripts?

  3. pteron

    pteron LI Guru Member

    I've submitted a patch to Jon to enable the firewall in routed mode.
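
The check discussed in this thread, as an added example that is not part of the original posts or of Tomato itself: a small audit that reads `iptables -S` output and reports whether the FORWARD chain filters routed traffic at all. The verdict names, the sample rule listings and the interface names `br0` (LAN) and `vlan1` (WAN) are constructed assumptions, and the script does not follow jumps into user-defined chains.

```shell
# Added example: classify the FORWARD chain from `iptables -S` text on stdin.
# Verdicts:
#   default-deny  policy DROP
#   partial       policy ACCEPT, but some FORWARD rule drops or rejects
#   delegated     policy ACCEPT, only jumps to user chains (inspect those)
#   unfiltered    policy ACCEPT and nothing in FORWARD denies traffic
#   unknown       no "-P FORWARD" line in the input
audit_forward() {
    awk '
        $1 == "-P" && $2 == "FORWARD" { policy = $3 }
        $1 == "-A" && $2 == "FORWARD" {
            for (i = 3; i < NF; i++) {
                if ($i != "-j") continue
                target = $(i + 1)
                if (target == "DROP" || target == "REJECT") deny++
                else if (target != "ACCEPT" && target != "LOG") jumps++
            }
        }
        END {
            if (policy == "")          print "unknown"
            else if (policy == "DROP") print "default-deny"
            else if (deny > 0)         print "partial"
            else if (jumps > 0)        print "delegated"
            else                       print "unfiltered"
        }'
}

# Constructed sample: INPUT is filtered, FORWARD is empty with policy ACCEPT.
sample_routed_open() {
    cat <<'EOF'
-P INPUT DROP
-P FORWARD ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i br0 -j ACCEPT
EOF
}

# Constructed sample: stateful FORWARD; br0 (LAN) and vlan1 (WAN) are assumed names.
sample_routed_filtered() {
    cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i br0 -o vlan1 -j ACCEPT
EOF
}

echo "open:     $(sample_routed_open | audit_forward)"
echo "filtered: $(sample_routed_filtered | audit_forward)"
```

On a live router the input would come from `iptables -S | audit_forward`; an `unfiltered` verdict means hosts on the routed block are reachable from outside regardless of what INPUT does.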
