I am currently experimenting with iptables. I know that the INPUT chain is very
important to prevent malicious packets from entering the internal network; however, I do not see how the FORWARD and OUTPUT chain being able to provide any extra security.
e.g: even if all packets from the internal network are free to be forwarded across the network and out of the internal network... how will that affect security of the internal network?
Pls give me examples of scenarios where specifying the FORWARD and OUTPUT chains provide extra security?
OR in other words,
give me examples of scenarios where NOT specifying the FORWARD and OUTPUT chains lead to a security threat to the internal network.
Thanks a lot!