On Thu, Jun 06, 2002 at 05:44:21PM -0400, patrick conlin wrote: > does one generally set the -P on their mangle table chains to DROP, even if > you're not using them for anything? > > usual procedure says set -P on all chains to DROP and allow what's > necessary,
Apparently they meant the "filter" table and not mangle or nat. Ramin > but if you're not using your mangle table chains for anything and > you set -P to DROP (on the iptables -t mangle PREROUTING chain, for example) > all packets get dropped. > > you guessed it, I just did this and got booted from the machine. Now I have > to wait until I can go home and reboot my firewall before I can play with it > any more. > > Just wondering how everyone else handles this. > > -=p=- >
