El sáb, 20-12-2003 a las 14:48, Alex White escribió: > >/sbin/iptables -t filter -I 'your_chain' -i lo -p all -s > >0.0.0.0/0 -d>0.0.0.0/0 -j ACCEPT .../... > I gave this a shot. This didn't help. I can't help but > wonder though, is this rule set safe? I don't know a -whole- > lot out iptables and I know lo isn't addressable from the > net, but still. Maybe I'm just paranoid. ^_^ You just said it, but for your confidence, try redhat-config-security level, activate the firewall and let rewrite the iptables rules from that. Then inspect '/sbin/iptables -L -v'.....:-) On netfilter rules I'm a paranoid too, I'm afraid.... (I LOG and then DROP even ICMP packets.....:-), but without this rule my machines cannot access to Internet for navigating purposes. -- Saludos, Aurelio Sánchez fae7901 circling terra Spain fae7901 circling yahoo Spain Registered Linux User # 272846 GNU Privacy Guard Public Key available at pgp.rediris.es Created by Ximian Evolution 1.4.5 running on Fedora Core 1
