On Thursday 09 October 2003 16:33, L�on Hagenaars wrote: > Thursday, October 9, 2003, 3:33:53 AM, Tarragon Allen wrote: > > TA> On Thursday 09 October 2003 01:09, Tiago Fernandes wrote: > >> hi, > >> > >> i thing that this should do the trick, for you > >> > >> iptables -F > >> iptables -P INPUT DROP > >> iptables -A INPUT -s 192.168.1.0/24 -j ACCEPT > >> iptables -A INPUT -i "ppp0 or -s external_ip" -m state --state > >> ESTABLISHED,RELATED -j ACCEPT > >> > >> all packages related with sended packages should be accepted. > > TA> You might need to add this as well : > > TA> iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT > > TA> t > TA> -- > TA> GPG: http://n12turbo.com/tarragon/public.key > > I don't think te "iptables -A OUTPUT" line is needed, as the default policy > is ACCEPT and I don't see anything has changed in the OUTPUT of iptables.
Will iptables keep state on outgoing connections without you implicitly telling it to though? t -- GPG: http://n12turbo.com/tarragon/public.key
