LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page -P ACCEPT vs -j ACCEPT
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 05-30-2006, 12:06 AM   #1
Wynd
Member
 
Registered: Jul 2001
Distribution: Slackware 12
Posts: 511

Rep: Reputation: 32
-P ACCEPT vs -j ACCEPT

Is there a difference between doing
Code:
iptables -P INPUT ACCEPT
and doing at the end of a firewall script
Code:
iptables -A INPUT -j ACCEPT
?

I know that -P sets the default policy and -A appends a rule, but is there a difference in results?
 
Old 05-30-2006, 01:16 AM   #2
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
On its own, to set the policy to accept is the same as accepting all. Consider the more common case of setting the polict to drop, and then appending a number of rules to accept, for example accept http on port 80 and ftp on port 21. Iptables would then accept packets sent to ports 21 and 80 and drop all others. Not the same as simply dropping all.

Clearly having a policy to accept everything with accepting rules as per above means nothing, but you could selectively drop packets. I believe the previous example is more common (effectively block everything and open holes rather than open everything and block parts off)

In other words, the policy is what happens when all rules have been checked.
 
Old 05-30-2006, 08:29 AM   #3
Wynd
Member
 
Registered: Jul 2001
Distribution: Slackware 12
Posts: 511

Original Poster
Rep: Reputation: 32
OK, let's say it uses DROP instead. Is the end result the same -- all packets not matching a specific rule get dropped?
 
Old 05-30-2006, 08:42 AM   #4
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
That's the effect..

http://iptables-tutorial.frozentux.n...-tutorial.html
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
pc doesn't accept keyboard kpachopoulos General 2 08-29-2005 03:20 PM
su doesn't accept my password CGameProgrammer Linux - General 7 10-13-2004 12:07 PM
how to accept my modem? trinitycomu Linux - Networking 1 07-13-2004 04:56 AM
HTTPS accept??? petey *BSD 6 06-23-2004 07:55 AM
accept dialups vher Linux - Newbie 1 12-26-2002 04:50 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 11:03 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration