I have just installed SuSE 8.2 Pro, downloaded all the patches, and configured my firewall with the YaST2 Control Centre (blocking everything since I'm not a server). To see how things went I did an nmap scan and found some open ports. Every tutorial I read said that in order to close them I just type:

iptables -A INPUT -p tcp --dport 21 -j REJECT (replacing '21' with whatever port I want closed)

Anyway I did all that, no error messages, no feedback of any kind, so I did another nmap scan ('nmap -sS localhost' is correct to do that right?) and all the ports were still open. Can someone tell me how I would go about closing them?

Thanks.

1. There's a difference between REJECT and DROP. REJECT allows for control messages (ICMP) to travel back to the remote host, while DROP just does what it sez: drop the packet and not bother with it.
2. I find results from scanning from a remote host more trustworthy. If you can't, Google for "nmap yashi" or securityspace or dslreports for basic free scans.
3. Read up on default policies.

If your having problems setting up the iptables then you might like a gui with help function.

Have a look here: http://users.pandora.be/stes/ipmenu.html

Good luck

Thanks for that. i used those sites and it seems that I'm not as vulnerable as I feared.