Am Di, den 15.06.2004 schrieb Michael Floyd um 21:16: > your very welcome but looking over you iptable that you posted, your missing > one very critical piece to the puzzle.... > You have to add a line.... > Iptables -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j > ACCEPT > With out this, no packets will be accepted back to the machine. > Remember, the request for the web site must be able to come back through the > router > Michael Floyd Hm? He has already the RH-Firewall-1-INPUT chain wide open! His first rule inside this chain is ACCEPT all -- anywhere anywhere So the rest of what is in there is bypassed by that. And your suggested rule is just necessary in a different setup or at a later time, when all runs, as an exchange to the global "accept all incoming traffic" rule. Alexander -- Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13 Fedora GNU/Linux Core 2 (Tettnang) on Athlon CPU kernel 2.6.6-1.435 Serendipity 21:27:54 up 17:54, 8 users, 0.16, 0.24, 0.22
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
