Iptables
Aurelio Sánchez
fae7901 at terra.es
Sun Dec 21 03:53:34 UTC 2003
El sáb, 20-12-2003 a las 14:48, Alex White escribió:
> >/sbin/iptables -t filter -I 'your_chain' -i lo -p all -s
> >0.0.0.0/0 -d>0.0.0.0/0 -j ACCEPT
.../...
> I gave this a shot. This didn't help. I can't help but
> wonder though, is this rule set safe? I don't know a -whole-
> lot out iptables and I know lo isn't addressable from the
> net, but still. Maybe I'm just paranoid. ^_^
You just said it, but for your confidence, try redhat-config-security
level, activate the firewall and let rewrite the iptables rules from
that. Then inspect '/sbin/iptables -L -v'.....:-)
On netfilter rules I'm a paranoid too, I'm afraid.... (I LOG and then
DROP even ICMP packets.....:-), but without this rule my machines cannot
access to Internet for navigating purposes.
--
Saludos,
Aurelio Sánchez
fae7901 circling terra Spain
fae7901 circling yahoo Spain
Registered Linux User # 272846
GNU Privacy Guard Public Key available at pgp.rediris.es
Created by Ximian Evolution 1.4.5 running on Fedora Core 1
More information about the fedora-list
mailing list