iptables isn't blocking IP

Alexander Dalloz ad+lists at uni-x.org
Fri Jan 21 15:11:57 UTC 2005


Am Fr, den 21.01.2005 schrieb Kevin Old um 16:02:

> Yes, I have a chain called "OC", and no, I don't have anything in my
> input chain that calls the "OC" chain.  I wasn't aware that I needed
> to call the "OC" chain from my input chain.
> 
> Can you provide syntax of how I might do this?

> Kevin

From the default Fedora Core iptables setup (/etc/sysconfig/iptables):

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
[...]

You see how the INPUT chain jumps to target RH-Firewall-1-INPUT chain,
which would be in your case "OC".

Alexander


-- 
Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.10-1.9_FC2smp 
Serendipity 16:09:44 up 6 days, 23:31, load average: 0.93, 0.89, 0.72 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20050121/1c79c091/attachment-0002.bin 


More information about the users mailing list