Re: [TCLUG:13767] IPCHAINS again...

To: TCLUG <tclug-list@mn-linux.org>
Subject: Re: [TCLUG:13767] IPCHAINS again...
From: Nate Carlson <natecars@real-time.com>
Date: Sun, 20 Feb 2000 12:50:27 -0600 (CST)
In-Reply-To: <Pine.LNX.4.20.0002200222540.23747-100000@beldaren.yaron.org>

On Sun, 20 Feb 2000, Yaron wrote:
> I'm somehow messing up something on the input chain, because when I
> ipchains -P input ACCEPT, everything works. However, having input on
> ACCEPT is pretty much pointess... 
> 

Try leaving input on ACCEPT, and putting a rule at the end something like
this:

ipchains -A input -s 0/0 -d 0/0 -j DENY -l

..which will deny all packets not specified and log the deny to syslog.
Great for troubleshooting.

-- 
Nate Carlson <carlson@real-time.com>    | Phone : (612)943-8700
http://www.real-time.com                | Fax   : (612)943-8500

Follow-Ups:
- Re: [TCLUG:13767] IPCHAINS again...
  - From: Yaron <jethro@yaron.org>

References:
- IPCHAINS again...
  - From: Yaron <jethro@yaron.org>

Prev by Date: Re: [TCLUG:13766] XML/XSLT (was: Re: [TCLUG:13752] HTML (again))
Next by Date: Re: [TCLUG:13766] XML/XSLT (was: Re: [TCLUG:13752] HTML (again))
Prev by thread: IPCHAINS again...
Next by thread: Re: [TCLUG:13767] IPCHAINS again...
Index(es):
- Date
- Thread