[linux-help] Re: ipchains question
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
On Mon, 25 Mar 2002, Jeff Vian wrote:
<snip>
>
> > I like this idea, except don't I still have to be able to accept packets
> > on the input chain for all of the web/ftp servers I connect to? If so, I
> > don't know if it would be efficient for me to add them to my script on a
> > per-host basis.
> >
> > Thanks again,
> >
> > Ben
> >
<snip>
>
>
> NO.
> The link originates from you, thus it is an output connection and the
> input rule does not apply.
> The input rule applies to any connection that originates outside your
> system.
>
>
Then why is it that I can ssh to, say, $SOMEONES_IP, but when I add the
rule:
ipchains -A input -i eth0 -s $SOMEONES_IP -d 0.0.0.0/0 -j REJECT
to the beginning of my ipchains script, ssh to $SOMEONES_IP just hangs,
and never connects?
<snip>
-- This is the linux-help@xxxxxxxxx list. To unsubscribe,
visit http://www.complete.org/cgi-bin/listargate-aclug.cgi
- [linux-help] ipchains question, Benjamin Bunck, 2002/03/22
- [linux-help] Re: ipchains question, Jeff Vian, 2002/03/22
- [linux-help] Re: ipchains question, Benjamin Bunck, 2002/03/22
- [linux-help] Re: ipchains question, Jeff Vian, 2002/03/25
- [linux-help] Re: ipchains question,
Benjamin Bunck <=
- [linux-help] Re: ipchains question, Jeff Vian, 2002/03/26
- [linux-help] Re: ipchains question, Benjamin Bunck, 2002/03/26
- [linux-help] Re: ipchains question, Benjamin Bunck, 2002/03/27
- [linux-help] Re: A meeting place to have activities, Anne McCadden, 2002/03/31
|
|
