Re: policy DROP and 1 rule
On Tue, 19 Nov 2002 14:39:38 +0100 (CET)
"Andres Taylor" <andres@rotselleri.com> wrote:
> Actually what he said is that his POLICY is set top drop, not any rule.
> Which is a perfectly ok thing to do. It actually should work. I'm betting
> my money on missing an ACCEPT in the OUTPUT rule chain.
> <<<<<< hohoho, make the test and email me plz, all policys (hi mathias lambert, -P policy not rule)are set to ACCEPT only the INPUT chain policy in the filter-table of iptables set to DROP. Then insert in the INPUT chain in the filter table (first and only rule,-I -A in this case is equally)the rule iptables -I INPUT -s lan-machine-ip -j ACCEPT.then ping the firewalled machine and tell me your results,plz, thx
> Andres
>
> --
> http://sql.nu/
>
>
> Matias Lambert said:
> > Hi,
> > I think that your problem can be that you have the DROP rule before the
> > ACCEPT rule in your INPUT chain, if you put the command in the same
> > order that you email us, the packet will be droped.
>
> <snip>
>
> > inflo wrote:
> >
> >> hi, when i set the INPUT policy of DROP and then insert a rule -A
> >> INPUT -s lan-machine -j ACCEPT
>
> <snip>
>
>
>
> --
> To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: