Re: IPTABLES doesn't work


On Thu, 2004-01-29 at 23:46, smoothmilk wrote:
> heh, considering that RH includes this tool and it doesn't work out of
> the box, I'd say it should be a concern to the people who could possibly
> fix that, perhaps those people read this list. I mean, when you install
> fedora/redhat, it says do you want a firewall? If you choose yes, (which I
> did) it's not going to do anything--even something very very simple like
> deny all incoming new connections.
> 
> The following are what I have with only ftp allowed and eth0 trusted..

Think about that.  Eth0 is trusted...  Now, look at this...

> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]

...it's doing *EXACTLY WHAT YOU TOLD IT TO DO*.

It's not broken -- you don't know what you're doing.  There's a
difference.

If you trust eth0, then any traffic to or from eth0 will automatically
be trusted.  That trumps all the rules you've put in place before.  That
seems pretty obvious to me.

-- 
Ben Steeves                     _                    bcs@xxxxxxxxxx
 The ASCII ribbon campaign     ( )               ben.steeves@xxxxxx
   against HTML e-mail          X                GPG ID: 0xB3EBF1D9
http://www.metacon.ca/ascii    / \     Yahoo Messenger: ben_steeves
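
What the reply describes, as an added example that is not part of the original message: a small Python check over `iptables-save`-style text that reports interfaces accepted wholesale and the later rules their traffic never reaches. The ruleset is constructed for illustration (only the three policy lines appear in the thread), and the function names are hypothetical.

```python
import shlex

# Constructed iptables-save style input (assumption, not the poster's ruleset).
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""

def parse(text):
    """Return ({chain: policy}, [(chain, [rule tokens])]) from iptables-save text."""
    policies, rules = {}, []
    for line in map(str.strip, text.splitlines()):
        if line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            policies[chain] = policy
        elif line.startswith("-A "):
            tokens = shlex.split(line)
            rules.append((tokens[1], tokens[2:]))
    return policies, rules

def rule_iface(args):
    """Input interface a rule is limited to, or None if it matches any interface."""
    return args[args.index("-i") + 1] if "-i" in args else None

def trusted_interfaces(rules, chain="INPUT", ignore=("lo",)):
    """List (iface, [later rules never reached by traffic arriving on iface])."""
    chain_rules = [args for c, args in rules if c == chain]
    findings = []
    for pos, args in enumerate(chain_rules):
        # "Trusted" here means: the only match is the interface, target is ACCEPT.
        if len(args) == 4 and args[0] == "-i" and args[2:] == ["-j", "ACCEPT"]:
            iface = args[1]
            if iface in ignore:
                continue
            shadowed = [" ".join(r) for r in chain_rules[pos + 1:]
                        if rule_iface(r) in (None, iface)]
            findings.append((iface, shadowed))
    return findings

if __name__ == "__main__":
    policies, rules = parse(SAMPLE)
    print(policies["INPUT"], trusted_interfaces(rules))
```

On a host whose only network interface is eth0, every inbound packet matches the flagged rule, so the FTP rule and the final reject are never evaluated for it.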



