On Thursday 30 September 2004 05:47 am, Chuong Dao wrote:
> Khong hieu ta.i sao ba'c thi'ch iptables -A INPUT -j DROP dden nhu
> the^' :)
>
Vi` ddu+o+.c chi? da^~n ra(`ng go~ ca^u le^.nh na`y xong thi` khoa'
tuo^'t luo^'t, ga^`n nhu+ ddo'ng cu+?a sa('t kho^ng cho va`o kho^ng
cho ra. An toa`n xa lo^. ddo' ma`. Chu+' pha?i go~ ma^'y pha't mo+'i
cha.y no' ddu+o+.c, cu+' nhu+ la` ba('n su'ng ki'p tho+`i Kha'ng
Chie^'n, cu~ng me^.t bo? xu+`!
> Ca'ch to^'t nha^'t la` kho^ng ne^n go~ no' sau khi cha.i Larry's
> script :)
Mi`nh thu+? to+'i thu+? lui thi` cu~ng nghie^.m ra ddu'ng nhu+ va^.y
nhu+ng kho^ng hie^?u ta.i sao. Gio+` mo+'i bie^'t ta.i sao. Thanks.
>
> Co`n ne^'u muo^'n xa`i no' thi` ddu+`ng cha.y Larry's script. Lu'c
> ddo' ba'c se~ ddu+o+.c thoa? ma~n nhu+ y' ba'c muo^'n (no more
> INPUT connectivity).
>
> Larry's script co' la`m mo^.t trick nho? cho connections dda~
> ddu+o+.c ESTABLISHED/RELATED. Scrit na`y se~ cho phe'p INPUT vo+'i
> ddie^`u kie^.n la` ba'c initiated the connection. Ho+i ra('c ro^'i
> ti' (iptables howto on ESTABLISHED/RELATED).
>
> Vi` ba'c cha.y ca'i iptables -A INPUT -j DROP sau khi cha.y Larry's
> cho nen no' khong co' stop everything ta.i vi` no' ddu+ng dda(`ng
> sau Larry's script. iptables works theo thu+' tu+. Tha(`ng rule
> na`o dden truoc la` xai thang ddo' :)
Vu+`a ro^`i co' post le^n ML 5 ca'i bi' ki'p da de^, da`i lo`ng tho`ng
kho' hie^?u kinh ngu+o+`i. La`m o+n gia?ng tie^'p ca'm o+n tru+o+'c.
--
m k h _ s g n
-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
VietLUG-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/vietlug-users
