On Tue, 19 Nov 2002 14:39:38 +0100 (CET) "Andres Taylor" <[EMAIL PROTECTED]> wrote:
> Actually what he said is that his POLICY is set top drop, not any rule. > Which is a perfectly ok thing to do. It actually should work. I'm betting > my money on missing an ACCEPT in the OUTPUT rule chain. > <<<<<< hohoho, make the test and email me plz, all policys (hi mathias > lambert, -P policy not rule)are set to ACCEPT only the INPUT chain policy in > the filter-table of iptables set to DROP. Then insert in the INPUT chain in > the filter table (first and only rule,-I -A in this case is equally)the rule > iptables -I INPUT -s lan-machine-ip -j ACCEPT.then ping the firewalled > machine and tell me your results,plz, thx > Andres > > -- > http://sql.nu/ > > > Matias Lambert said: > > Hi, > > I think that your problem can be that you have the DROP rule before the > > ACCEPT rule in your INPUT chain, if you put the command in the same > > order that you email us, the packet will be droped. > > <snip> > > > inflo wrote: > > > >> hi, when i set the INPUT policy of DROP and then insert a rule -A > >> INPUT -s lan-machine -j ACCEPT > > <snip> > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
