20
submitted 8 months ago* (last edited 8 months ago) by Kalcifer@sh.itjust.works to c/homelab@lemmy.ml

cross-posted to: https://sh.itjust.works/post/14114626


If the rule is about forwarding traffic from the lan interface to the wan interface, then why is there also a forward rule? How would inputs, and outputs make any sense if the rule is talking about forwarding? What does it mean for wan to forward to REJECT? I interperet that as saying that wan doesn't go anywhere, but that wouldn't make sense given that the router can send, and receive over the internet.

For example I would interperet the first rule as follows:

  • lan => wan: the conditions for which connections from the lan interface are forwarded to to the wan interface.
  • Input: accept: the lan interface accepts all connections originating from the network (I wouldn't understand the point of setting this to be reject).
  • Output: accept: all connections exiting the wan interface are accepted (again, I'm not sure what the point of this would be).
  • Forward: accept: forwarding of packets from lan to wan is allowed.
  • Masquerade: I honestly don't know what the effect of enabling this would be. What would it mean to masquerade the lan interface?

I tried finding documentation, and I did come across this, and this, but, from what I could understand, they didn't really answer any of my questions.

you are viewing a single comment's thread
view the rest of the comments
[-] nulatium@programming.dev 1 points 8 months ago

Are there still questions about this?

[-] Kalcifer@sh.itjust.works 1 points 8 months ago

For the most part, it has been answered (you can scroll through the comments to see if you want to add any other information to a reply of mine, or someone else), but I would still certainly appreciate other attempts at explanations.

this post was submitted on 06 Feb 2024
20 points (100.0% liked)

homelab

6562 readers
1 users here now

founded 4 years ago
MODERATORS