iptables -P vs :OUTPUT in /etc/sysconfig/iptables
In FC3, /etc/sysconfig/iptables contains the line:
:OUTPUT ACCEPT [5291031:1347453874]
This sets the policy for the OUTPUT chain, but I haven't been able to discover what the bracketed numbers do or how to make an equivalent iptables -P command.
What is the effect? What is an equivalent iptables -P command? Does the indicated range make sense for my system?
I found a way to bypass this problem: /sbin/service iptables restart
I had changed the policy to DROP, and couldn't find a way to change it back, but this command replaces the entire iptables with the original. The only trouble is that the restart operation is slow. If I knew what iptables command to issue, it would be much faster.
Last edited by TomF; 04-14-2005 at 08:53 PM.
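Added example, not part of the original post: in the iptables-save file format a line of the form :CHAIN POLICY [packets:bytes] gives a built-in chain's default policy followed by the packet and byte counters recorded when the file was saved, and iptables -P takes only the chain and the policy. The script below reads such a file and prints the matching iptables -P command for each built-in chain. The sample input is constructed (only the :OUTPUT line comes from the post), and EXAMPLE-CHAIN and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): turn the chain-policy lines of
# an iptables-save style file into equivalent "iptables -P" commands.
# Policy line format:  :CHAIN POLICY [packets:bytes]

# Constructed sample input; only the :OUTPUT line is taken from the post.
sample_save() {
    cat <<'EOF'
# constructed sample in iptables-save format
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [5291031:1347453874]
:EXAMPLE-CHAIN - [0:0]
-A INPUT -j EXAMPLE-CHAIN
COMMIT
EOF
}

# Reads iptables-save text on stdin and prints one "iptables -P" line per
# built-in chain. The counters are shown in a trailing comment only.
policy_cmds() {
    table=filter    # assumption: use "filter" if no "*table" line was seen
    while read -r first policy counters; do
        case $first in
            \**)    # "*filter", "*nat", ... starts a new table section
                table=${first#\*} ;;
            :*)     # ":CHAIN POLICY [packets:bytes]"
                chain=${first#:}
                # User-defined chains carry "-" and cannot have a policy.
                if [ "$policy" = "-" ]; then continue; fi
                counters=${counters#\[}
                counters=${counters%\]}
                printf 'iptables -t %s -P %s %s  # saved counters: %s packets, %s bytes\n' \
                    "$table" "$chain" "$policy" \
                    "${counters%%:*}" "${counters##*:}" ;;
        esac
    done
}

sample_save | policy_cmds
```

The script only prints the commands; each printed line can be reviewed before it is run as root.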