Richard Maxwell Underwood wrote:
> The only network connections on my machine are lo and ppp0.
>
> I want to prohibit all systems except for localhost from
> initiating a connection to my machine.
>
> I know that this breaks active ftp, but I think that's ok
> because pacman uses passive-mode ftp.
>
> Could someone post an /etc/iptables/iptables.rules?

http://wiki.archlinux.org/index.php/Simple_stateful_firewall_HOWTO

This is all you need. Add the module ip_nat_ftp to your MODULES in rc.conf and it won't even break your active ftp.

_______________________________________________
arch mailing list
http://www.archlinux.org/mailman/listinfo/arch
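
A minimal stateful rule set of the kind asked for above, as an added example that is not taken from the original post or from the linked wiki page. It assumes the two interfaces named in the question (lo and ppp0) and a kernel with the `state` match available; the file is in `iptables-restore` format.

```iptables
# Constructed example for /etc/iptables/iptables.rules (iptables-restore format).
*filter
# Default policies: drop everything inbound and forwarded, allow everything outbound.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Localhost may initiate connections to this machine.
-A INPUT -i lo -j ACCEPT
# Accept replies to connections this machine opened, plus flows that
# connection tracking marks as related to them (ICMP errors, and data
# connections recognised by a loaded FTP helper module).
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Nothing else matches, so new connections arriving on ppp0 hit the DROP policy.
COMMIT
```

The file can be loaded by hand with `iptables-restore < /etc/iptables/iptables.rules`, and `iptables -L -n -v` shows the resulting chains and per-rule packet counters.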
