From: Giorgio Zarrelli <zarrelli@in3it.com>
To: system@eluminoustechnologies.com
Cc: netfilter@lists.netfilter.org
Subject: Re: Default policy
Date: Sat, 21 Dec 2002 19:12:50 +0100 [thread overview]
Message-ID: <E18PoFF-0005ys-00@kashyyyk.netfilter.org> (raw)
In-Reply-To: <001501c2a8f3$40be2e40$1a01a8c0@vishal>
On Saturday 21 December 2002 14:16, you wrote:
> Hi All,
>
> Following is the policy that my firewall generation script gives, but my
> system hangs when i execute this, I am using ssh to execute this script. I
> am opening all other required ports. When I comment the last two lines my
> script works fine.
>
> ******Script*******
>
> #Set default policies to DROP
>
> $IPTABLES -P INPUT DROP
>
> # Rejecting all Packets
>
> #$IPTABLES -A INPUT -s 0/0 -d 0/0 -p udp -j DROP
> #$IPTABLES -A INPUT -s 0/0 -d 0/0 -p tcp -j DROP
Ssh hangs because you drop all packets on tcp from and to everywhere.. So,
your connection to the server is being cut. But policies like yours make no
sens.
Regards
Giorgio Zarrelli
next prev parent reply other threads:[~2002-12-21 18:12 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-12-21 13:16 Default policy system
2002-12-21 13:28 ` Rob Sterenborg
2002-12-21 18:12 ` Giorgio Zarrelli [this message]
-- strict thread matches above, loose matches on Subject: below --
2003-08-26 8:35 default policy Payal Rathod
2003-08-25 8:59 ` Ralf Spenneberg
2003-08-25 14:56 ` Payal Rathod
2002-11-01 3:58 Rob
2002-11-01 23:22 ` Robert P. J. Day
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=E18PoFF-0005ys-00@kashyyyk.netfilter.org \
--to=zarrelli@in3it.com \
--cc=netfilter@lists.netfilter.org \
--cc=system@eluminoustechnologies.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox