<snip>
> iptables -A INPUT --protocol udp -i $DSLIFACE -d $ANYADDR \
>        --destination-port :1023 -j REJECT
> iptables -A OUTPUT --protocol udp -o $DSLIFACE -s $ANYADDR \
>        --source-port :1023 -j REJECT

All connections to low ports are rejected at this point. So the next rule
will never match. You have to put the ACCEPT-line before the REJECT-line.

My setup is like this:

ACCEPT
ACCEPT
ACCEPT ..... for everything I want to allow
LOG
DROP ..... all that didn't match so far

>
> # Allow UDP datagrams in and out on the allowed ports
>
> iptables -A INPUT --match multiport --protocol udp -i $DSLIFACE \
>        -d $ANYADDR --destination-port $UDP -j ACCEPT
> iptables -A OUTPUT --match multiport --protocol udp -o $DSLIFACE \
>        -s $ANYADDR --source-port $UDP -j ACCEPT
>
> I've been searching all over the web for information on Netfilter and
> how I could accomplish my goals with it. So far I've come up with more
> troubleshooting than anything else. I'm hoping that one of you experts
> might have some advice for an apprentice like me :-D

IMHO the only thing you need to read is:
http://netfilter.samba.org/unreliable-guides/

>
> Thanks
>
> Stef
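The ordering problem discussed in this message, as an added example that is not part of the original thread: the script prints the INPUT-side UDP rules in both orders and walks them first-match style to show which target a given port reaches. The interface name `ppp0`, the port list `53,123`, the `--dport`/`--dports` spellings, the log prefix and all function names are assumptions chosen for the illustration.

```sh
#!/bin/sh
# Added example, not from the thread. Constructed values: interface name and
# allowed-port list. Function names are hypothetical.
DSLIFACE=ppp0
ANYADDR=0.0.0.0/0
UDP=53,123

# Print the INPUT-side UDP rules. "broken" = REJECT first, as in the quoted
# script; anything else = ACCEPT, then LOG, then REJECT.
udp_input_rules() {
    base="iptables -A INPUT --protocol udp -i $DSLIFACE -d $ANYADDR"
    accept="$base --match multiport --dports $UDP -j ACCEPT"
    log="$base --dport :1023 -j LOG --log-prefix udp-low-port:"
    reject="$base --dport :1023 -j REJECT"
    if [ "$1" = broken ]; then
        printf '%s\n' "$reject" "$accept"
    else
        printf '%s\n' "$accept" "$log" "$reject"
    fi
}

# True if port $1 is covered by spec $2: a "53,123" list or a "lo:hi" range.
port_matches() {
    case "$2" in
        *:*) lo=${2%%:*}; hi=${2##*:}
             [ "$1" -ge "${lo:-0}" ] && [ "$1" -le "${hi:-65535}" ] ;;
        *)   case ",$2," in *",$1,"*) return 0 ;; *) return 1 ;; esac ;;
    esac
}

# Simplified first-match walk (models only destination port and target).
# LOG does not end traversal; ACCEPT/REJECT do. POLICY = nothing matched.
first_verdict() {
    udp_input_rules "$1" | (
        while read -r line; do
            spec=${line% -j *}; spec=${spec##* }
            target=${line##*-j }; target=${target%% *}
            [ "$target" = LOG ] && continue
            if port_matches "$2" "$spec"; then echo "$target"; exit 0; fi
        done
        echo POLICY
    )
}

for order in broken fixed; do
    echo "$order order, UDP port 53: $(first_verdict "$order" 53)"
done
```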

