* default drop on prerouting
@ 2006-09-28 17:19 gabrix
0 siblings, 0 replies; 2+ messages in thread
From: gabrix @ 2006-09-28 17:19 UTC (permalink / raw)
To: netfilter
I have default drop on all INPUT,OUTPUT,FORWARD iptables chains.What if
i default drop also the prerouting chain in the iptables script and than
accepting connections for services on my inside lan pcs ?
Thanks !
Gabriele
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: default drop on prerouting
[not found] ` <451CA239.50001@mail.nankai.edu.cn>
@ 2006-09-29 4:34 ` Bo Yang
0 siblings, 0 replies; 2+ messages in thread
From: Bo Yang @ 2006-09-29 4:34 UTC (permalink / raw)
Cc: netfilter
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
gabrix :
> I have default drop on all INPUT,OUTPUT,FORWARD iptables
> chains.What if i default drop also the prerouting chain in the
> iptables script and than accepting connections for services on my
> inside lan pcs ? Thanks ! Gabriele
>
>
I think there is nothing difference in the prerouting chain . You can
just set it to drop any package by default and
allow some special kinds of package to through your box !
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFHKI47tZp58UCwyMRAjyiAJ4qu/50TZBwZfx56I4HNLN7Mbn69QCePAL9
tVagNtndW/9YuoBTnJFoUKI=
=qoXZ
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2006-09-29 4:34 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-09-28 17:19 default drop on prerouting gabrix
[not found] <359464355.22539@mail.nankai.edu.cn>
[not found] ` <451CA239.50001@mail.nankai.edu.cn>
2006-09-29 4:34 ` Bo Yang
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox