Help answer threads with 0 replies.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 05-30-2006, 12:06 AM   #1
Registered: Jul 2001
Distribution: Slackware 12
Posts: 511

Rep: Reputation: 32

Is there a difference between doing
iptables -P INPUT ACCEPT
and doing at the end of a firewall script
iptables -A INPUT -j ACCEPT

I know that -P sets the default policy and -A appends a rule, but is there a difference in results?
Old 05-30-2006, 01:16 AM   #2
LQ Guru
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
On its own, to set the policy to accept is the same as accepting all. Consider the more common case of setting the polict to drop, and then appending a number of rules to accept, for example accept http on port 80 and ftp on port 21. Iptables would then accept packets sent to ports 21 and 80 and drop all others. Not the same as simply dropping all.

Clearly having a policy to accept everything with accepting rules as per above means nothing, but you could selectively drop packets. I believe the previous example is more common (effectively block everything and open holes rather than open everything and block parts off)

In other words, the policy is what happens when all rules have been checked.
Old 05-30-2006, 08:29 AM   #3
Registered: Jul 2001
Distribution: Slackware 12
Posts: 511

Original Poster
Rep: Reputation: 32
OK, let's say it uses DROP instead. Is the end result the same -- all packets not matching a specific rule get dropped?
Old 05-30-2006, 08:42 AM   #4
Senior Member
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
That's the effect..



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
pc doesn't accept keyboard kpachopoulos General 2 08-29-2005 03:20 PM
su doesn't accept my password CGameProgrammer Linux - General 7 10-13-2004 12:07 PM
how to accept my modem? trinitycomu Linux - Networking 1 07-13-2004 04:56 AM
HTTPS accept??? petey *BSD 6 06-23-2004 07:55 AM
accept dialups vher Linux - Newbie 1 12-26-2002 04:50 PM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 01:44 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration