[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Searching for an appropriate iptables script



On Fri, Feb 08, 2002 at 07:51:43PM +0100, martin f krafft wrote:
> also sprach Gareth Bowker <tgb96@aber.ac.uk> [2002.02.07.1017 +0100]:
> > If you're worried about missing stuff out, you could start with a firewall
> > that defaults everything to DROP and go from there...
> 
> good point. any-any-any-DROP is what i call the base firewall. there
> is *no* argument for a firewall that's based on anything but this
> essential rule. there *should* also be a rule any-any-any-LOG right
> before.

Hopefully with a limit option.

-- 
     Florian Friesdorf <42ff@gmx.net>
OpenPGP key available on public key servers

------> Save the future of Open Source <------
-> Online-Petition against Software Patents <-
------> http://petition.eurolinux.org <-------

Attachment: pgppgTge9eQbt.pgp
Description: PGP signature


Reply to: