Doug Sampson wrote: > > > > # cat /etc/ipchains.input ^^^^^^^^^^^^^^^^^^^ You create this file, put that line in it and make sure that this line is *NOT* commented in /etc/network.conf:
IPCH_IN=/etc/ipchains.input These rather innocuous files can be very powerful tools in DCD! > > > $IPCH -I input -j DENY -p all -s 0/0 -d 255.255.255.255 -i > > $EXTERN_IF > > > > > > Exactly what does the ipchain statement say? Exactly what > > does it deny? > > > Obviously I'm not at all familiar with ipchaining... and I > > want to understand > > > it fully before I implement it... > > > > $IPCH -- /etc/ipfilter.conf: > > IPCH="/sbin/ipchains --no-warnings" > > -d 255.255.255.255 -- destination address > > -i $EXTERN_IF -- interface via which a packet is received > > -I input -- Insert one or more rules in the > > selected chain as the given > > rule number > > -j DENY -- what to do if the packet > > matches this rule > > -p all -- protocol of the rule or of > > the packet to check > > -s 0/0 -- Source specification > > > > I struggled with this for sometime last December, after being dragged > > into attbi.com. Since it is possible that that source ip can > > change and > > that I have never found any reason to _log_ packets broadcast to the > > entire universe (e.g., -d 255.255.255.255); therefore, I conclude that > > such packets deserve anonymity in that great bit bucket somewhere near > > /dev/null . . . > > > > How is this implemented in DCD 102? In the network.conf file? I understand > that I can type the ipchain command at the command prompt. However that is > good only until it is rebooted and I'd like to make that a permanent solution. -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user