Hi,
So if I understand well, you suggest I put those lines at the top of my iptables script cause it seems to be safer: by default it DROPs packets except when I have defined specific rules, which is my case:

> > Brian and Henk, I think you make the point.
> > Even with iptables loading the inactive ruleset, I've got all ports
> > opened.
> >
> > I don't understand why you are speaking of "inetd"?
> > Cause I've got inetd running on the machine...
>
> Well, check /etc/inetd.conf and make sure that things are not accidentally serviced by inetd. Otherwise when you flush the rules or when you haven't got a default DROP policy, certain ports will still be reported as open.

IPTABLES -P INPUT DROP
IPTABLES -P FORWARD DROP
IPTABLES -P OUTPUT DROP

I've read that with a default DROP policy, I must specifically define ACCEPT rules when flushing with -F, so as not to be locked out of my system.

It's OK, I just have ssh, smtp and ftp, like I did in the setup!

> > Did I miss something somewhere?
>
> Don't know, better check to be sure. Just do a 'grep -v ^# /etc/inetd.conf' to see what's enabled.

Thanks. Mathieu.
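
The inetd check suggested in the quoted reply, extended into an allowlist comparison. This is an added example, not part of the original message: the function names and the sample inetd.conf are constructed for illustration, and the allowlist (ssh, smtp, ftp) is the set of services named in the message.

```shell
#!/bin/sh
# Constructed sample in inetd.conf format:
# service  socket-type  protocol  wait/nowait  user  server-program  [arguments]
sample_inetd_conf() {
cat <<'EOF'
# /etc/inetd.conf (constructed sample, not from a real host)
#echo     stream tcp nowait root   internal
ftp       stream tcp nowait root   /usr/sbin/tcpd /usr/sbin/in.ftpd
telnet    stream tcp nowait root   /usr/sbin/tcpd /usr/sbin/in.telnetd
   # indented comment
smtp      stream tcp nowait mail   /usr/sbin/exim exim -bs

finger    stream tcp nowait nobody /usr/sbin/tcpd /usr/sbin/in.fingerd
time      dgram  udp wait   root   internal
EOF
}

# Print "service/protocol" for every enabled (uncommented) entry.
# Same idea as 'grep -v ^#', but also skips blank and indented-comment lines.
inetd_enabled() {
    awk '!/^[ \t]*(#|$)/ && NF >= 6 { print $1 "/" $3 }' "$1"
}

# Print enabled entries whose service name is NOT in the allowlist.
# Usage: inetd_unexpected FILE allowed_service...
inetd_unexpected() {
    conf=$1; shift
    allowed=" $* "
    for entry in $(inetd_enabled "$conf"); do
        name=${entry%%/*}
        case "$allowed" in
            *" $name "*) ;;            # expected service, stay quiet
            *) echo "$entry" ;;        # served by inetd but not expected
        esac
    done
}

# Demo on the constructed sample; on a real host use /etc/inetd.conf instead.
tmp=$(mktemp) && sample_inetd_conf > "$tmp"
echo "inetd services outside the allowlist:"
inetd_unexpected "$tmp" ssh smtp ftp
rm -f "$tmp"
```

Anything this prints is answered by inetd itself, so it will show as open whenever the ruleset is flushed or the default policy is ACCEPT; comment the entry out in inetd.conf and make inetd reload its configuration.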