
Re: iptables, target REJECT

> I wrote a small firewall script based on iptables and wanted 
> the default policy to be REJECT. Therefore I entered a line
>    root@greed:/home/thorsten# iptables -P INPUT REJECT
> which resulted in 
>    iptables: Bad policy name
> I tried already to load the module ipt_REJECT (modprobe ipt_REJECT), 
> which seemed to work properly; nevertheless iptables still returns
> the same error message.
Hello there!

Iptables will only accept the four default targets as a policy: ACCEPT, DROP, QUEUE and RETURN! (see man iptables!)

If you want a built-in chain to act as if REJECT is set as the policy, simply add

iptables -A $CHAIN -j REJECT 

as the last rule! Anything beyond this rule will never be reached, but if you like, set the policy to DROP

iptables -P $CHAIN DROP

My PGP-Key is located at:


Attachment: pgptRTjmcdtT2.pgp
Description: PGP signature
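
The approach from the reply above, as an added example that is not part of the original message: a shell helper that prints the iptables commands for a chain whose last rule is the catch-all REJECT, with DROP as the fallback policy. The helper name `reject_policy_cmds`, the rule-spec input format and the sample rules are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the original message): print the iptables commands
# that make a chain behave as if its policy were REJECT.

# reject_policy_cmds CHAIN
#   stdin : one rule spec per line, without "-A CHAIN"
#           (blank lines and lines starting with # are ignored)
#   stdout: iptables commands, with the catch-all REJECT as the last rule
reject_policy_cmds() {
    chain=$1
    case "$chain" in
        INPUT|FORWARD|OUTPUT) ;;
        *) echo "REJECT is only valid in INPUT, FORWARD and OUTPUT: $chain" >&2
           return 1 ;;
    esac

    # -P does not accept REJECT, so DROP is the fallback policy.
    echo "iptables -P $chain DROP"
    # Flush first so a second run does not append rules behind an old REJECT,
    # where they would never be reached.
    echo "iptables -F $chain"

    while IFS= read -r spec; do
        case "$spec" in
            ''|'#'*) continue ;;
            '-j REJECT') continue ;;  # bare catch-all: emitted once, at the end
        esac
        echo "iptables -A $chain $spec"
    done

    echo "iptables -A $chain -j REJECT"
}

# Constructed sample rules; the misplaced "-j REJECT" would shadow the SSH rule.
sample_rules() {
    cat <<'EOF'
# allow replies and SSH
-m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-j REJECT
-p tcp --dport 22 -j ACCEPT
EOF
}

sample_rules | reject_policy_cmds INPUT
```

The output can be reviewed and then piped to `sh` as root to apply it.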
