On Saturday, 15 July 2006 12:22, Richard Maxwell Underwood wrote:
> I'm not a Linux newbie, but I haven't learned iptables or
> netfilter, and it would be _so nice_ if I didn't have to study
> detailed documentation to make the following change to my
> machine.
>
> I know that many people don't want this mailing list flooded by
> "newbie" questions about Linux, but please let me have one
> reprieve from this general rule or ethic against "newbie"
> questions.
>
> The only network connections on my machine are lo and ppp0.
>
> I want to prohibit all systems except for localhost from
> initiating a connection to my machine.
>
> I know that this breaks active ftp, but I think that's ok
> because pacman uses passive-mode ftp.
>
> Could someone post an /etc/iptables/iptables.rules?

*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT
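
Added example, not part of the original thread: a shell check that a ruleset in iptables-restore format matches the policy asked for above (INPUT defaults to DROP, and only loopback traffic and replies to outbound connections are accepted). The function name audit_rules is hypothetical, and negated matches ("!") are reported for manual review rather than interpreted.

```shell
#!/bin/sh
# Constructed check, not code from the thread.
# usage: audit_rules /etc/iptables/iptables.rules
# Prints one finding per line; returns 0 when nothing is found, 1 otherwise.
audit_rules() {
    awk '
    /^:INPUT / {
        seen = 1
        if ($2 != "DROP") {
            print "INPUT policy is " $2 ", expected DROP"; bad = 1
        }
    }
    /^-A INPUT / && / -j ACCEPT( |$)/ {
        # Negated matches are not interpreted here, only reported.
        if ($0 ~ / ! /) { print "review negated match: " $0; bad = 1; next }
        # Traffic arriving on the loopback interface is allowed.
        if ($0 ~ / -i lo( |$)/) next
        # A state match is fine as long as it cannot match a new connection.
        if (match($0, /--(ct)?state [A-Z,]+/)) {
            states = substr($0, RSTART, RLENGTH)
            sub(/^[^ ]+ /, "", states)
            if (states !~ /(^|,)(NEW|INVALID)(,|$)/) next
        }
        print "accepts new inbound connections: " $0; bad = 1
    }
    END {
        if (!seen) { print "no INPUT policy line found"; bad = 1 }
        exit bad + 0
    }' "$1"
}
```

Run against the ruleset posted above it prints nothing and returns 0; iptables-restore --test can then confirm that the file also parses.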
