iptables Question

David Cary Hart fedora at tqmcube.com
Fri Aug 26 17:00:04 UTC 2005


On Sat, 2005-08-27 at 00:38 +0900, Mark Sargent wrote:
> Hi All,
> 
> today/tonight, I've been looking at iptables more deeply. I use 
> firestarter, and correct me if I'm wrong, it is a gui for iptables, 
> yes..? Below are the rules for input shown from iptables -L -v,
> 

> I'm rather curious about the 1st 2,
> 
> 0 0 ACCEPT tcp -- any any warpstar-62a102 anywhere tcp 
> flags:!SYN,RST,ACK/SYN
> 24 3341 ACCEPT udp -- any any warpstar-62a102 anywhere
> 
> as that is the hostname of my sharemate's adsl router. Is that due to 
> DHCP.? Also see similar in outbound,
> 
Hard to tell. Use iptables -L -n -v. May I suggest?:

        Use webmin as a netfilter GUI.
        Create a chain "junk" with two rules; log and drop

Just dropping packets without any print to messages is really not a very
good idea.
-- 
Tired of spam? Do YOUR part: http://www.BoulderPledge.org
Our DNSRBL - Eliminate Spam: http://www.TQMcube.com/spam_trap.htm
              RBLDNSD HowTo: http://www.TQMcube.com/rbldnsd.htm
            Multi-RBL Check: http://www.TQMcube.com/rblcheck.htm
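
The "junk" chain suggested in the reply above, sketched as an added example that is not part of the original post: LOG is a non-terminating target, so the log rule must sit before the DROP rule or nothing reaches /var/log/messages. The log prefix, the rate limit and the choice to hook the chain at the end of INPUT are assumptions made here for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Assumed values: LOG_PREFIX, LOG_RATE,
# and hooking the chain at the end of INPUT.
JUNK_CHAIN=junk
LOG_PREFIX="junk: "   # tag to search for in /var/log/messages
LOG_RATE="5/min"      # assumed rate limit so a flood cannot fill the log

# Print the rules as iptables argument lists, in the order they must be applied.
# Packets over the rate limit skip the LOG rule but still fall through to DROP.
junk_rules() {
    printf '%s\n' \
        "-N $JUNK_CHAIN" \
        "-A $JUNK_CHAIN -m limit --limit $LOG_RATE -j LOG --log-prefix \"$LOG_PREFIX\" --log-level warning" \
        "-A $JUNK_CHAIN -j DROP" \
        "-A INPUT -j $JUNK_CHAIN"
}

# Read rules on stdin (the output of junk_rules or of `iptables -S junk`) and
# succeed only if a LOG rule comes before the first DROP rule.
log_before_drop() {
    n=0; log_at=0; drop_at=0
    while IFS= read -r rule; do
        n=$((n + 1))
        case $rule in
            *"-j LOG"*)  if [ "$log_at" -eq 0 ]; then log_at=$n; fi ;;
            *"-j DROP"*) if [ "$drop_at" -eq 0 ]; then drop_at=$n; fi ;;
        esac
    done
    [ "$log_at" -gt 0 ] && [ "$drop_at" -gt 0 ] && [ "$log_at" -lt "$drop_at" ]
}

# Apply the rules (needs root), then show the result with numeric addresses.
apply_junk_rules() {
    junk_rules | while IFS= read -r rule; do
        eval "iptables $rule" || exit 1
    done || return 1
    iptables -L "$JUNK_CHAIN" -n -v
}

# Nothing is changed unless explicitly requested: APPLY=1 sh junk-chain.sh
if [ "${APPLY:-0}" = 1 ]; then
    junk_rules | log_before_drop && apply_junk_rules
fi
```

On a live system, `iptables -S junk | log_before_drop` runs the same ordering check against the rules actually loaded.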



