Re: Searching for an appropriate iptables script

To: debian-firewall@lists.debian.org
Subject: Re: Searching for an appropriate iptables script
From: Florian Friesdorf <42ff@gmx.net>
Date: Sun, 10 Feb 2002 03:18:44 +0100
Message-id: <[🔎] 20020210021844.GA5683@mira.psychotron>
Mail-followup-to: debian-firewall@lists.debian.org
In-reply-to: <[🔎] 20020208185143.GI28205@fishbowl.madduck.net>
References: <[🔎] 006a01c1afaf$c67f8cb0$0200a8c0@JEFF> <[🔎] 20020207091713.GA5169@pctgb.dcs.aber.ac.uk> <[🔎] 20020208185143.GI28205@fishbowl.madduck.net>

On Fri, Feb 08, 2002 at 07:51:43PM +0100, martin f krafft wrote:
> also sprach Gareth Bowker <tgb96@aber.ac.uk> [2002.02.07.1017 +0100]:
> > If you're worried about missing stuff out, you could start with a firewall
> > that defaults everything to DROP and go from there...
> 
> good point. any-any-any-DROP is what i call the base firewall. there
> is *no* argument for a firewall that's based on anything but this
> essential rule. there *should* also be a rule any-any-any-LOG right
> before.

Hopefully with a limit option.

-- 
     Florian Friesdorf <42ff@gmx.net>
OpenPGP key available on public key servers

------> Save the future of Open Source <------
-> Online-Petition against Software Patents <-
------> http://petition.eurolinux.org <-------

Attachment: pgpKLuhPwBjIO.pgp
Description: PGP signature

Reply to:

References:
- Searching for an appropriate iptables script
  - From: "Jeff Bonner" <jeff@integralogic.com>
- Re: Searching for an appropriate iptables script
  - From: Gareth Bowker <tgb96@aber.ac.uk>
- Re: Searching for an appropriate iptables script
  - From: martin f krafft <madduck@madduck.net>

Prev by Date: unsubscribe
Next by Date: Re: Searching for an appropriate iptables script
Previous by thread: Re: Searching for an appropriate iptables script
Next by thread: RE: Searching for an appropriate iptables script
Index(es):
- Date
- Thread