On Fri, 2004-09-10 at 15:08, Noll, Ralph wrote:
> linux2003:/etc# iptables -L -n
> Chain INPUT (policy DROP)
> target     prot opt source               destination
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          state RELATED,ESTABLISHED


...stuff...

Yeah, so you've got a monstrously complicated iptables setup there.

I guess the question is, is it basically working (other than, pings
don't work)?  That is, can you get to it via ssh and stuff?  It
looks--and I didn't even try to figure all this out--like you've got a
default iptables configuration that tries to harden the box against
portscans and stuff.

That's not a bad thing.

If you trust the network the box is on, you could just kill all the
iptables stuff:

iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD

(Do the policy stuff (the first three lines) first, or you're in for a
nasty shock when you flush the rulesets.....)

Adam

----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
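
The ordering caveat in the message above (set the policies to ACCEPT before flushing), as an added example that is not part of the original message. It reads a ruleset in `iptables -S` format, prints the commands in a safe order instead of running them, and checks a command list for a flush issued while a chain's policy is still DROP. The sample ruleset, the function names and the backup path are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed sample in `iptables -S` format (not taken from the original post).
SAMPLE_RULES='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT'

# Ruleset on stdin -> built-in chains whose policy is not ACCEPT.
# Flushing one of these first leaves only the policy, so every packet
# (including your own ssh session) is dropped.
chains_at_risk() {
    awk '$1 == "-P" && $3 != "ACCEPT" { print $2 }'
}

# Ruleset on stdin -> commands in a safe order: backup, policies, flushes.
# Commands are printed, not executed. $1 = backup path (hypothetical default).
flush_plan() {
    rules=$(cat)
    backup=${1:-/root/iptables.backup}
    echo "iptables-save > $backup"
    for chain in $(printf '%s\n' "$rules" | chains_at_risk); do
        echo "iptables -P $chain ACCEPT"
    done
    for chain in $(printf '%s\n' "$rules" | awk '$1 == "-P" { print $2 }'); do
        echo "iptables -F $chain"
    done
    echo "# roll back with: iptables-restore < $backup"
}

# Command list on stdin, current ruleset in $1. Returns non-zero if any
# "iptables -F <chain>" comes while that chain's policy is not ACCEPT.
plan_is_safe() {
    { printf '%s\n' "$1"; cat; } | awk '
        $1 == "-P"                     { policy[$2] = $3 }  # current state
        $1 == "iptables" && $2 == "-P" { policy[$3] = $4 }  # planned change
        $1 == "iptables" && $2 == "-F" && policy[$3] != "ACCEPT" { bad = 1 }
        END { exit bad }'
}

# Show the plan for the constructed sample.
printf '%s\n' "$SAMPLE_RULES" | flush_plan
```

On a live box the ruleset would come from `iptables -S` run as root; only built-in chains with a policy line are considered, so user-defined chains are left untouched.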
