On 16:28 14 May 2002, The Gyzmo <[EMAIL PROTECTED]> wrote: | #modify chains | /sbin/ipchains -P input ACCEPT | /sbin/ipchains -P output ACCEPT | /sbin/ipchains -P forward DENY | | #deny TCP connection attempts | /sbin/ipchains -A input -l -i ppp+ -p tcp -y -j DENY
You're doing this backwards. What you want is: /sbin/ipchains -P input REJECT /sbin/ipchains -P output REJECT /sbin/ipchains -P forward DENY and then a bunch of rules to ACCEPT _only_ what you expect. Much much safer. -- Cameron Simpson, DoD#743 [EMAIL PROTECTED] http://www.zip.com.au/~cs/ Man is quite insane. He wouldn't know how to create a maggot, and he creates gods by the dozen. - Montaigne _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list