On Wed, 29 Sep 2004, TongKe Xue wrote:

> Hi all,
>
> I'm using the iptables config from:
> http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO-5.html
>
> Now, when I try that, apparently KDE and GNOME both refuse to start
> -- do they run some kind of server and then connect to it? How can I
> fix this?
>
> (Worked fine on RH9; but apparently refuses to work on FC2).
>
> To make it easier to respond; the section I'm referring to is:
>
> --BEGIN QUOTE--
> ## Insert connection-tracking modules (not needed if built into kernel).
> # insmod ip_conntrack
> # insmod ip_conntrack_ftp
>
> ## Create chain which blocks new connections, except if coming from inside.
> # iptables -N block
> # iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
> # iptables -A block -m state --state NEW -i ! ppp0 -j ACCEPT
> # iptables -A block -j DROP
>
> ## Jump to that chain from INPUT and FORWARD chains.
> # iptables -A INPUT -j block
> --END QUOTE--

Just a quick note... I'm hoping that you realize that if you have that exact snippet in your firewall script, there's nothing going on, at all... all of the lines starting with # are effectively commented out.

--
Mike Burger
http://www.bubbanfriends.org

Visit the Dog Pound II BBS
telnet://dogpound2.citadel.org or http://dogpound2.citadel.org

To be notified of updates to the web site, visit http://www.bubbanfriends.org/mailman/listinfo/site-update, or send a message to:

site-update-request@xxxxxxxxxxxxxxxxx

with a message of:

subscribe