LinuxQuestions.org


PinoyAko 05-21-2011 02:29 PM

Iptables
 
Should I start my script with all the DROP before ACCEPT or the other way around?

acid_kewpie 05-21-2011 02:30 PM

You accept things by exception with a default drop policy on each table, or a default drop at the very bottom of it.

PinoyAko 05-21-2011 02:38 PM

If a connection is already accepted and it still fits the drop condition at the end of the script will it still be dropped?

Noway2 05-21-2011 02:55 PM

No, iptables will stop comparing once a positive match is made. This is why you are able to accept the things you want and then drop everything else at the end.
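
A ruleset in iptables-restore format laid out the way the replies above describe, added here as an example that is not part of the thread: ACCEPT exceptions first, then both a DROP policy and a final DROP rule. The SSH port, the choice of rules and the helper names `build_ruleset` and `rule_position` are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Port 22 and the rule selection are
# assumptions; adjust them to the services the host really offers.

# Emit a filter-table ruleset in iptables-restore format.
build_ruleset() {
    cat <<'EOF'
*filter
# Default policy: a packet that no rule below accepts is dropped.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Exceptions, checked top to bottom; the first ACCEPT or DROP that matches
# ends traversal, so an accepted packet never reaches the rules after it.
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
# Explicit final DROP: the "default drop at the very bottom" variant.
# Redundant with the DROP policy, but its counters show what was refused.
-A INPUT -j DROP
COMMIT
EOF
}

# Print the 1-based position, within the INPUT chain, of the first rule
# whose text contains the fixed string $1.
rule_position() {
    build_ruleset | grep -- '^-A INPUT' | grep -n -F -- "$1" | head -n 1 | cut -d: -f1
}

# Running the script with --print writes the ruleset to stdout.
if [ "${1:-}" = "--print" ]; then
    build_ruleset
fi
```

Piping the output of `--print` into `iptables-restore --test` as root parses the ruleset without loading it.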

frankbell 05-21-2011 09:26 PM

One of the members of my LUG gave a presentation about his iptables script and posted the script to the LUG wiki.

Maybe it will be a useful reference.

PinoyAko 05-22-2011 03:05 AM

Quote:

Originally Posted by frankbell (Post 4363334)
One of the members of my LUG gave a presentation about his iptables script and posted the script to the LUG wiki.

Maybe it will be a useful reference.

Thanks for sharing the link :)


All times are GMT -5.