
Re: iptables, target REJECT



> 
> I wrote a small firewall script based on iptables and wanted 
> the default policy to be REJECT. Therefore I entered a line
> 
>    root@greed:/home/thorsten# iptables -P INPUT REJECT
> 
> which resulted in 
> 
>    iptables: Bad policy name
> 
> 
> I tried already to load the module ipt_REJECT (modprobe ipt_REJECT), 
> which seemed to work properly; nevertheless iptables still returns
> the same error message.
> 
Hello there!

Iptables will only accept the four default targets as a policy: ACCEPT, DROP, QUEUE and RETURN! (see man iptables!)

If you want a built-in chain to act as if REJECT is set as the policy, simply add

   iptables -A $CHAIN -j REJECT

as the last rule! Anything beyond this rule will never be reached, but if you like, set the policy to DROP

   iptables -P $CHAIN DROP



-- 
My PGP-Key is located at:

http://www.holle.ath.cx/gpgkey.txt
http://www.verwayen.de/documents/gpgkey.gpg

Attachment: pgpW4nxkeV9zu.pgp
Description: PGP signature
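
Added example, not part of the original message: a shell audit for the setup described in the reply. It reads iptables-save text and reports, for each filter-table chain, its policy and whether the last appended rule is an unconditional REJECT. The sample ruleset and the function names sample_ruleset and audit_chains are constructed for illustration.

```shell
#!/bin/sh
# Audit iptables-save text: a chain emulates a "REJECT policy" when its
# last appended rule is an unconditional REJECT (policy DROP as a backstop).

# Constructed sample in iptables-save format (not taken from a real host).
sample_ruleset() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -p tcp -j REJECT --reject-with tcp-reset
COMMIT
EOF
}

# audit_chains: reads iptables-save text on stdin and prints one line per
# filter-table chain:  <chain> policy=<policy> tail=<reject|other|none>
#   reject = last rule is "-j REJECT" with no match conditions before it
#   other  = last rule matches only some packets or uses another target
#   none   = chain has no rules, so only the policy applies
audit_chains() {
awk '
  /^\*/ { table = substr($1, 2); next }   # table header, e.g. "*filter"
  table != "filter" { next }              # ignore nat, mangle and raw
  /^:/ {                                  # chain line, e.g. ":INPUT DROP [0:0]"
    name = substr($1, 2); policy[name] = $2; tail[name] = "none"
    order[++n] = name; next
  }
  $1 == "-A" {                            # appended rule; the last one seen wins
    tail[$2] = ($3 == "-j" && $4 == "REJECT") ? "reject" : "other"
  }
  END {
    for (i = 1; i <= n; i++)
      printf "%s policy=%s tail=%s\n", order[i], policy[order[i]], tail[order[i]]
  }
'
}

sample_ruleset | audit_chains
```

On a live host, `iptables-save | audit_chains` runs the same check against the loaded rules. In the sample, FORWARD is reported as `tail=other` because its REJECT only matches TCP, so other protocols fall through to the DROP policy.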

