From mboxrd@z Thu Jan 1 00:00:00 1970 From: Carl-Daniel Hailfinger Subject: Re: [PATCH] Unspecified proto should print as "all" in iptables -L Date: Thu, 03 May 2007 18:33:47 +0200 Message-ID: <463A0EEB.5050402@gmx.net> References: <20070428220206.GA26272@linuxace.com> <463524E7.60107@netfilter.org> <20070430171317.GA6904@linuxace.com> <20070430173654.GB6904@linuxace.com> <20070430200930.GA8187@linuxace.com> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: Phil Oester , netfilter-devel@lists.netfilter.org, Jan Engelhardt , Pablo Neira Ayuso To: Jorge Davila Return-path: In-Reply-To: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: netfilter-devel-bounces@lists.netfilter.org Errors-To: netfilter-devel-bounces@lists.netfilter.org List-Id: netfilter-devel.vger.kernel.org On 03.05.2007 18:16, Jorge Davila wrote: > Well, it's because some users inside the internal networks under my > administration visit http://www.grc.com/ and run the Shields Up! to see > the open ports in the gateways and they see the port 0 open. That was > the reason to apply the rule. Ah cool, that's another datapoint when trying to guess the firewall ruleset. Port 0 not filtered roughly means "default policy is ACCEPT". (Well, not quite. But close.) Regards, Carl-Daniel