Complete.Org: Mailing Lists: Archives: discussion: August 1999:
[aclug-L] Yet More Ipchains Stuff

[aclug-L] Yet More Ipchains Stuff

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]

To:	aclug-L@xxxxxxxxxxxx
Subject:	[aclug-L] Yet More Ipchains Stuff
From:	Jeff <schaller@xxxxxxxxxxxxx>
Date:	Wed, 18 Aug 1999 19:19:19 -0500 (CDT)
Reply-to:	aclug-L@xxxxxxxxxxxx

I'm not sure if I mentioned this or not, but I recently saw someone
using another neat thing with ipchains: you can set the default policy
on a chain to DENY instead of ACCEPT:
/sbin/ipchains -P input DENY [or REJECT]

This makes sure that if you miss/mess up anything and it falls through
the cracks, the default action is to drop it on the floor.

Assuming you want to do that, of course.  :)

Oh, and in response to one question from the meeting, yes '-i'
specifies the interface you want the rule to apply to. If you leave it
off, it matches any interface. You can also use "-i ! ppp+" to say
"anything EXCEPT any interfaces that _start_ with ppp" (to demonstrate
the ! and + syntax).

-jeff
-- 
Alien: That board with a nail in it may have defeated us. But the humans
 won't stop there.  They'll make bigger boards and bigger nails, and
 soon, they will make a board with a nail so big, it will destroy them
 all! [aliens laugh evilly, for quite some time]
-- `The Monkey's Paw' in ``Treehouse of Horror II''

[Prev in Thread]

Current Thread

[Next in Thread]

[aclug-L] Yet More Ipchains Stuff, Jeff <=
- Re: [aclug-L] Yet More Ipchains Stuff, Craig Terhune, 1999/08/18
  - Re: [aclug-L] Yet More Ipchains Stuff, Jeff, 1999/08/19

Prev by Date: Re: [aclug-L] pine question
Next by Date: [aclug-L] /ect.inetd file
Previous by thread: [aclug-L] pine question
Next by thread: Re: [aclug-L] Yet More Ipchains Stuff
Index(es):
- Date
- Thread