[plug] iptables configuration : Accept for Drop by default
Tony Breeds
tony at bakeyournoodle.com
Mon Oct 29 07:36:58 WST 2012
On Fri, Oct 26, 2012 at 01:42:30PM +0800, Alexander Hartner wrote:
> I was wondering if this system is secure at all and just badly
> misconfigured. For some reason it seems to kind of work as traffic is
> being blocked. Maybe I just don't understand this properly. Any
> pointers in the right direction would really help me out.
It's not a problem as the:
"REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited"
Will reject anything so the default will never need to be applied.
It has the dubious advantage that if you do "iptables -F" you won't get
locked out of your machine.
They look like a pretty default set of rules on a RHEL system.
Yours Tony
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20121029/c014e4b8/attachment.pgp>
More information about the plug
mailing list