Re: firewall

To: debian-security@lists.debian.org
Subject: Re: firewall
From: Simon Huggins <huggie@earth.li>
Date: Tue, 11 Sep 2001 11:26:06 +0100
Message-id: <[🔎] 20010911112606.D7103@paranoidfreak.co.uk>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 86g09vqaou.fsf@potato.vegetable.org.uk>
References: <[🔎] Pine.SOL.4.31.0109101203410.21149-100000@strauss.udel.edu> <[🔎] 86g09vqaou.fsf@potato.vegetable.org.uk>

On Mon, Sep 10, 2001 at 05:24:15PM +0100, Tim Haynes wrote:
> My script, previously plugged, does this with connection tracking. 

>     iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
>     iptables -A block -m state --state INVALID -j DROP

Indeed though some people may prefer REJECT rather than DROP to be
polite to people identing them for instance (well and to speed up
outbound connection attempts where the other end attempts ident).

Simon.

-- 
[ "Rule six:  There is no... rule six." - Monty Python                 ]
        Black Cat Networks.  http://www.blackcatnetworks.co.uk/

Reply to:

Follow-Ups:
- Re: firewall
  - From: Tim Haynes <debian@stirfried.vegetable.org.uk>

References:
- Re: firewall
  - From: Rishi L Khan <rishi@UDel.Edu>
- Re: firewall
  - From: Tim Haynes <usenet@stirfried.vegetable.org.uk>

Prev by Date: Re: firewall
Next by Date: Re: firewall
Previous by thread: Re: firewall
Next by thread: Re: firewall
Index(es):
- Date
- Thread