Hi, > I wrote a small firewall-skript based on iptables and wanted > the default policy to be REJECT. Therefore I entered a line > > root@greed:/home/thorsten# iptables -P INPUT REJECT > > which resulted in > > iptables: Bad policy name > Its my understanding that despite what several documents say, you *can't* have a default policy of REJECT because its not a core target but a target extension. You may want someone else to confirm this though. H