[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: policy DROP and 1 rule

On Tue, 19 Nov 2002 14:39:38 +0100 (CET)
"Andres Taylor" <andres@rotselleri.com> wrote:

> Actually what he said is that his POLICY is set top drop, not any rule.
> Which is a perfectly ok thing to do. It actually should work. I'm betting
> my money on missing an ACCEPT in the OUTPUT rule chain.
> <<<<<< hohoho, make the test and email me plz, all policys (hi mathias lambert, -P policy not rule)are set to ACCEPT only the INPUT chain policy in the filter-table of iptables set to DROP. Then insert in the INPUT chain in the filter table (first and only rule,-I -A in this case is equally)the rule iptables -I INPUT -s lan-machine-ip -j ACCEPT.then ping the firewalled machine and tell me your results,plz, thx
> Andres
> 
> --
> http://sql.nu/
> 
> 
> Matias Lambert said:
> > Hi,
> > I think that your problem can be that you have the DROP rule before the
> > ACCEPT rule in your INPUT chain, if you put the command in the same
> > order that you email us, the packet will be droped.
> 
> <snip>
> 
> > inflo wrote:
> >
> >> hi, when i set the INPUT policy of DROP and then insert a rule -A
> >> INPUT -s lan-machine -j ACCEPT
> 
> <snip>
> 
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: