> I wrote a small firewall script based on iptables and wanted
> the default policy to be REJECT. Therefore I entered a line
>
> root@greed:/home/thorsten# iptables -P INPUT REJECT
>
> which resulted in
>
> iptables: Bad policy name
>
> I tried already to load the module ipt_REJECT (modprobe ipt_REJECT),
> which seemed to work properly; nevertheless iptables still returns
> the same error message.

Hello there!

Iptables will only accept the four default targets as a policy:
ACCEPT, DROP, QUEUE and RETURN! (see man iptables!)

If you want a built-in chain to act as if REJECT is set as the policy,
simply add

iptables -A $CHAIN -j REJECT

as the last rule! Anything beyond this rule will never be reached,
but if you like, set the policy to DROP

iptables -P $CHAIN DROP

--
My PGP-Key is located at:
http://www.holle.ath.cx/gpgkey.txt
http://www.verwayen.de/documents/gpgkey.gpg
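The layout the reply describes (a built-in policy plus a final catch-all REJECT rule, with nothing after it) can be checked on a saved ruleset. The following is an added example, not part of the original message: the function names and the sample ruleset are constructed for illustration, and it assumes `iptables-save` output without `-c` counters.

```shell
#!/bin/sh
# Added example: audit iptables-save output (without -c counters) for the
# "policy DROP + final catch-all REJECT" layout described in the reply.

# Constructed sample ruleset, not taken from the original post.
sample_ruleset() {
cat <<'EOF'
*nat
:INPUT ACCEPT [0:0]
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:LOGDROP - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A OUTPUT -j REJECT --reject-with icmp-port-unreachable
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
COMMIT
EOF
}

# Reads iptables-save text on stdin; prints one line per built-in filter chain.
audit_reject_tail() {
    awk '
    substr($0, 1, 1) == "*" { table = substr($0, 2); next }
    table != "filter"       { next }
    /^:/ {
        # ":CHAIN POLICY [pkts:bytes]"; user-defined chains have policy "-"
        if ($2 != "-") { c = substr($1, 2); policy[c] = $2; order[++n] = c }
        next
    }
    $1 == "-A" && ($2 in policy) {
        c = $2
        if (closed[c]) dead[c]++      # rule sits after the catch-all
        # unconditional REJECT: no match options, optional --reject-with TYPE
        if ($3 == "-j" && $4 == "REJECT" && (NF == 4 || (NF == 6 && $5 == "--reject-with"))) closed[c] = 1
    }
    END {
        for (i = 1; i <= n; i++) {
            c = order[i]
            if (!closed[c])   s = "no-catch-all-reject"
            else if (dead[c]) s = "unreachable-rules=" dead[c]
            else              s = "ok"
            print c, "policy=" policy[c], s
        }
    }'
}

sample_ruleset | audit_reject_tail
```

On a live host the same function can be fed with `iptables-save | audit_reject_tail`; a chain reported as `unreachable-rules=N` has rules appended after the catch-all REJECT that will never match.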