[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: iptables -P INPUT REJECT



> ** Reply to message from Michael Schwendt <rh0210ms arcor de> on Sat, 30
> Nov 2002 14:38:06 +0100
>
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> On Sat, 30 Nov 2002 14:32:17 +0100, Michael Schwendt wrote:
>>
>> > > The reject option as stated in the Redhat 8.0 Security Guide does
>> not work !
>> > >
>> > > It gives Bad policy name.
>> > >
>> > > Has anyone a workaround for this ?
>> >
>> > "iptables -P INPUT DENY" because REJECT is a target extension.
>>
>> Sorry, "iptables -P INPUT DROP" of course. DENY was ipchains.
>
> OOps. I made the same booboo. DROP it is.

The exact command line for this is:

iptables -P INPUT -j DROP

But then again you may want to think twice about using a DEFAULT DROP
firewall, DEFAULT DROP uses alot of resources for packets you might just be
able to ignore.

I you would like to understand more drop a line to me.






[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]