Iptables

Alexander Dalloz alexander.dalloz at uni-bielefeld.de
Sat Dec 20 21:00:25 UTC 2003


On Sat, 20.12.2003 at 20:48, Alex White wrote:
> >On Sat, 20 Dec 2003 15:14:02 -0500
> >Aurelio Sánchez <fae7901 at terra.es> wrote:
> >/sbin/iptables -t filter -I 'your_chain' -i lo -p all -s
> >0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT
> 
> >Maybe that could help you, maybe not, but it's a silly
> >thing that in a Red Hat 7.1 installation stopped
> >me!........:-)
> 
> I gave this a shot. This didn't help. I can't help but
> wonder though, is this rule set safe? I don't know a -whole-
> lot about iptables and I know lo isn't addressable from the
> net, but still. Maybe I'm just paranoid. ^_^
> 
> Thanks Though!
> Alex

To block traffic on the loopback device (to and from lo) is not paranoid but
a broken setup.

Your error description sounds to me as if you have problems with a wrong
MTU/MSS size. If you are a DSL user with PPPoE, be sure to turn on
MSS clamping to a secure value, either by setting up PPPoE correctly or
by using iptables to do the job.

The listing of the loaded iptables modules does not say anything
valuable. Better post your ruleset if you think your iptables setup is
incorrect.

Alexander


-- 
Alexander Dalloz | Enger, Germany
PGP key valid: made 13.07.1999
PGP fingerprint: 2307 88FD 2D41 038E 7416  14CD E197 6E88 ED69 5653
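
The loopback rule and the iptables-based MSS clamping mentioned in the reply above, as an added example that is not part of the original message; it prints the commands for review and only applies them when APPLY=1 is set. The INPUT/OUTPUT/FORWARD chain choice, the 1500-byte Ethernet MTU and the IPv4-only header sizes are assumptions.

```shell
#!/bin/sh
# Added example (not from the original thread).
# Assumptions: IPv4 only, Ethernet MTU 1500, built-in chains INPUT/OUTPUT/FORWARD.

PPPOE_OVERHEAD=8     # PPPoE header (6 bytes) + PPP protocol field (2 bytes)
IP_TCP_HEADERS=40    # IPv4 header (20) + TCP header (20), no options

# Largest TCP segment that fits in one packet on a PPPoE link
# running over an Ethernet with the given MTU.
mss_for_pppoe() {
    eth_mtu=$1
    echo $(( eth_mtu - PPPOE_OVERHEAD - IP_TCP_HEADERS ))
}

# Print the rule arguments, one rule per line.
# $1 = "pmtu" to follow the path MTU, or a fixed MSS value such as 1452.
build_rules() {
    mode=$1
    # Traffic to and from lo must always be accepted.
    echo "-t filter -I INPUT -i lo -j ACCEPT"
    echo "-t filter -I OUTPUT -o lo -j ACCEPT"
    if [ "$mode" = "pmtu" ]; then
        action="--clamp-mss-to-pmtu"
    else
        action="--set-mss $mode"
    fi
    # TCPMSS is only valid in the mangle table; rewrite the MSS option
    # on SYN packets of forwarded connections only.
    echo "-t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS $action"
}

# Print the commands, or run them when APPLY=1 (requires root).
apply_rules() {
    build_rules "$1" | while read -r rule; do
        if [ "${APPLY:-0}" = "1" ]; then
            # Word splitting of $rule is intended here.
            /sbin/iptables $rule
        else
            echo "/sbin/iptables $rule"
        fi
    done
}

# Fixed clamp derived from the assumed MTU; use "pmtu" to follow the path MTU.
apply_rules "$(mss_for_pppoe 1500)"
```
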