jd1008 at gmail.com
Wed Aug 18 03:23:59 UTC 2010
On 08/17/2010 06:31 PM, Genes MailLists wrote:
> On 08/17/2010 02:08 AM, Tom H wrote:
> #! /bin/sh
>> $IPTABLES --table filter --policy INPUT ACCEPT
>> $IPTABLES --table filter --policy FORWARD ACCEPT
>> $IPTABLES --table filter --policy OUTPUT ACCEPT
> Not saying I'm commenting on the wisdom of the rules one way or
> another - just asking - Does one really want default policy of accept on
> all of these ?
It's strange, but I assume that you start with a promiscuous
filter, and then you add rules to button it up.
I really do not know how these rules are consulted,
and which rule takes precedence .
More information about the users