Re: Question about iptables

2005-12-05 Thread Nicolai Ehemann 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

>>The first line does not includ "state Related, established" or "state 
>>established"...
>>
>>Does it mean that all trafic will be allowed ?
> 
> yes.
That is, if there are no 'hidden' options to that rule. iptables -L does
 only show the most common options of rules. The complete rules will be
printed with iptables -L -v.

Yours, Nico
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (MingW32)

iD8DBQFDlBtQYm+MkvsfJ58RAk2OAJ9zoD2GiJwKNhQwHfHWeczQwanRRgCgxPYm
eK7vORcf9Jw9TTavXPgVFNY=
=a4H9
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Question about iptables

2005-12-05 Thread Bernd Eckenfels 
In article <[EMAIL PROTECTED]> you wrote:
> Chain INPUT (policy DROP)
> target prot opt source   destination
> ACCEPT all  --  anywhere anywhere  

> The first line does not includ "state Related, established" or "state 
> established"...
> 
> Does it mean that all trafic will be allowed ?

yes.

> A network scan shows me that all packets are dropped !!!

maybe in the OUTPUT or FORWARDING rules? what kind of scan?

try to look for counters and other hints with "-v".

Gruss
Bernd


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]