Hello, Daniel Curtis a écrit : > > I have a question about iptables and rules for OUTPUT > chain. If I have a typical desktop without any services > like SSH, Samba etc. it is better to use something like?; > > iptables -P DROP > iptables -A OUTPUT -o eth0 -j ACCEPT > > or it does not matter and it could be a simple one rule; > > iptables -P OUTPUT ACCEPT
These two sets of commands do different things and cannot be compared simply. "Better" suggests optimization, and optimization requires a criterion. What is the objective criterion you wish to optimize ? -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
