Re: iptables isn't blocking IP

On Fri, 21.01.2005 at 16:57, David Hoffman wrote:

> > /sbin/iptables -A INPUT -j OC
> > 
> > and OC would be appended to the INPUT chain.  Correct?

> YES

My answer would be: NO. Please see my other reply. I suspect that the
default iptables design from FC is still active for Kevin. So incoming
traffic to port 22 is already caught by rule

-A RH-Firewall-1-INPUT -i eth0 -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

And he can add as many jump targets to the end of the INPUT rule as he
wants, they will not take place. Why? Because the INPUT chain is left
right at start and the last rule of the left out jump chain is

-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

Alexander


-- 
Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.10-1.9_FC2smp 
Serendipity 17:01:44 up 7 days, 23 users, load average: 1.50, 1.14, 0.96
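
The traversal described in the message above, as an added example that is not part of the original post: a small first-match simulator run over a constructed ruleset. The contents of the OC chain, the address 192.0.2.50 and the reordered variant are assumptions; only the two RH-Firewall-1-INPUT rules come from the message.

```python
import shlex

# Constructed ruleset in iptables-save syntax. The RH-Firewall-1-INPUT rules are
# the two quoted in the message; the OC rule and its address are assumptions.
RULES = """\
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -j OC
-A RH-Firewall-1-INPUT -i eth0 -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A OC -s 192.0.2.50 -j DROP
"""
# Same rules with the OC jump ahead of the RH-Firewall-1-INPUT jump.
_l = RULES.splitlines()
REORDERED = "\n".join([_l[1], _l[0]] + _l[2:])

TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def parse(text):
    """Map chain name -> ordered list of {option: value} rules."""
    chains = {}
    for line in text.splitlines():
        tok = shlex.split(line)
        if tok[:1] == ["-A"]:
            # Every option in the sample takes exactly one argument.
            chains.setdefault(tok[1], []).append(dict(zip(tok[2::2], tok[3::2])))
    return chains

def matches(rule, pkt):
    # Only -s, -p and --dport are evaluated; the packet is assumed to be a
    # NEW connection arriving on eth0, so -i and --state always match.
    return all(rule.get(opt, pkt[key]) == pkt[key]
               for opt, key in (("-s", "src"), ("-p", "proto"), ("--dport", "dport")))

def walk(chains, chain, pkt, trace):
    """First-match traversal; returns a terminal verdict or None on fall-through."""
    for n, rule in enumerate(chains.get(chain, []), 1):
        if matches(rule, pkt):
            trace.append(f"{chain}:{n}")
            target = rule["-j"]
            result = target if target in TERMINAL else walk(chains, target, pkt, trace)
            if result:
                return result
    return None

def verdict(text, pkt):
    trace = []
    return walk(parse(text), "INPUT", pkt, trace) or "POLICY", trace

if __name__ == "__main__":
    pkt = {"src": "192.0.2.50", "proto": "tcp", "dport": "22"}
    print(verdict(RULES, pkt))      # OC is never visited
    print(verdict(REORDERED, pkt))  # OC is evaluated first
```

The trace lists each matching rule as chain:position, so it shows directly that with the appended jump no packet ever reaches the second INPUT rule.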
