Securing eth1 with IPTABLES

gabriel danstemporaryaccount-FFYn/CNdgSA at public.gmane.org
Mon Mar 22 21:55:51 UTC 2004


On March 22, 2004 04:38 pm, David Kreuter wrote:
> Chain OUTPUT (policy ACCEPT 3651 packets, 219K bytes)
> Chain INPUT (policy ACCEPT 216K packets, 14M bytes)

well you could start with that.  having a default accept policy just makes it 
easier to break.  think of your box as a nightclub.  you want only the right 
people to be allowed in, not "anyone but these couple bad people".

since i don't use the iptables_save scripts, i'm not familliar with this sort 
of output and can't really help you beyond this, but if you were to supply 
the actual iptables commands you're using i might be able to help more ;-)

-- 
what luck for the rulers that men do not think.
	- adolph hitler
--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml





More information about the Legacy mailing list